Pumpernickel
asked on
Server 2008 Standard to another Server
I have to move my current DC to another server so I can reuse the server for a different project. This is the main DC, so which steps should I use when doing this move other than dcpromo and copying all of the users files?
ASKER
Yeah, 2008 standard. When I do dcpromo, I then select DNS server and Global Catalog. After that, it says 'A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server. To enable reliable DNS name resolution from the outside of the domain NAME.com, you should create a delegation to this DNS server manually in the parent zone.
So should I just continue and then once it adds this server to the current record, just add the authority?
So should I just continue and then once it adds this server to the current record, just add the authority?
Just click continue, do not create a delegation.
Also the new server IP and primary DNS of NEW server should be same IP address.
Note - assign static IP to new server.
Note - assign static IP to new server.
ASKER
Okay, so the current server is 10.1.10.57, and the new server is 10.1.10.50 Is that ok?
If new server IP is 10.1.10.50 then configure NIC of new server as below;
IP- 10.1.10.50
subnet : as per you nw
Gateway:as per you nw
primary DNS: 10.1.10.50
Secondry dns: can be blank.
IP- 10.1.10.50
subnet : as per you nw
Gateway:as per you nw
primary DNS: 10.1.10.50
Secondry dns: can be blank.
ASKER
I set the dns server as 10.1.10.50, then I did dcpromo. Now I'm getting an error 'The error was: "The operation returned because the timeout period expired." (error code 0x000005B4 ERROR_TIMEOUT)
So should I change the primary dns to 10.1.10.57, then do DCPROMO, then change the primary dns to 10.1.10.50
So should I change the primary dns to 10.1.10.57, then do DCPROMO, then change the primary dns to 10.1.10.50
ASKER
Oh, and I forgot to tell you, I renamed the server and put it on the domain already prior to doing dcpromo.
Try the primary dns to 10.1.10.57 and and check result.
ASKER
It works like that. So should I do dcpromo with 10.1.10.57 as the primary dns, then after, change it back to 10.1.10.50?
Yes.
ASKER
Okay, I'm changing the adapter back to 10.1.10.50. So after installing the roles, you said to transfer the FSMOs, how do I do that?
Nice GUI steps : Transferring FSMO Roles in Windows Server 2008
http://www.elmajdal.net/Win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx
http://www.elmajdal.net/Win2k8/Transferring_FSMO_Roles_in_Windows_Server_2008.aspx
Using cmd: Transferring FSMO Roles
http://www.petri.co.il/transferring_fsmo_roles.htm
http://www.petri.co.il/transferring_fsmo_roles.htm
ASKER
Now can I do the transfer while users are still using the network?
First of all run dcdiag and netdiag on both dc to confirm there are no errors on server.
If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will affect to users on network.
If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will affect to users on network.
PLEASE IGNORE LAST COMMENTS:
First of all run dcdiag and netdiag on both dc to confirm there are no errors on server.
If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will not affect to users on network.
First of all run dcdiag and netdiag on both dc to confirm there are no errors on server.
If dcdiag and netdiag did not reported error then you can safely transfer fsmo roles, it will not affect to users on network.
ASKER
So does that mean that this is something that can be done while users are still logged in and working on items?
Yes, you can transfer roles while users are still logged in and working on items.
Once complete the role transfer users would be use new DC to querying.
Once complete the role transfer users would be use new DC to querying.
ASKER
Okay, the five roles are transferred. Now do I need to transfer the DNS? I transferred the DHCP already.
ASKER
Also, will the group policies automatically stick with the new server once I take the old one off line or is there a transfer with them also?
Have you configured DNS at the time of dcpromo on new DC? If yes then DNS should be AD integrated.
Replication process will take care of DNS and GPO, replication process will update all records in DNS and GPO on new DC.
Replication process will take care of DNS and GPO, replication process will update all records in DNS and GPO on new DC.
ASKER
Well when I went to setup the DNS Server, it said
'A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server. To enable reliable DNS name resolution from the outside of the domain NAME.com, you should create a delegation to this DNS server manually in the parent zone.'
'A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run windows dns server. To enable reliable DNS name resolution from the outside of the domain NAME.com, you should create a delegation to this DNS server manually in the parent zone.'
ASKER
I found this article, should I follow these steps?
http://blogs.techrepublic.com.com/datacenter/?p=415
http://blogs.techrepublic.com.com/datacenter/?p=415
Is the new configured with an Active Directory-integrated zone?
If the DNS is Active Directory-integrated then only follow the first step which mentioned in article.
No need to follow other two that steps are for Standard primary server and Standard secondary server.
If the DNS is Active Directory-integrated then only follow the first step which mentioned in article.
No need to follow other two that steps are for Standard primary server and Standard secondary server.
ASKER
Thats weird. I just opened the DNS on the new server and I clicked on Forward Lookup Zones, and Reverse Lookup Zones and it says 'The Domain Name System (DNS) allows a DNS namespace to be divided into zones. Each zone stores information about one or more contiguous DNS domains. To add a new zone, on the Action menu, click New Zone.'
So I'm guessing the DNS didn't setup...
So I'm guessing the DNS didn't setup...
Ok, click new zone and configure it as Active Directory-integrated, then point itself as primary DNS in NIC.
Then run ipconfig /flushdns && ipconfig /registerdns then run dcdiag /test:dns to check errors.
Then run ipconfig /flushdns && ipconfig /registerdns then run dcdiag /test:dns to check errors.
ASKER
So New Zone > Then Primary Zone? Not Secondary? Will this effect the server that is running the current DNS right now? And the users?
Yes , primary zone.
Will this effect the server that is running the current DNS right now? And the users? -No and no.
Will this effect the server that is running the current DNS right now? And the users? -No and no.
ASKER
Okay so am I doing To all DNS servers in this forest: des.com or To all DNS servers in this domain: des.com
New Zone > Then Primary Zone and check mark to store zone Active Directory > To all domain controllers in this domain: des.com
ASKER
Okay, now if I create a Forward Lookup Zone, I need a reverse lookup zone also, so would I do this again and do a reverse lookup zone after?
yes, create reverse lookup zone also.
ASKER
So I made the zones. Then I went to start up the DHCP server, and I deactivated the old servers DHCP server and it says its running on the new one. So I went to connect my laptop and it couldn't pull an IP down.
ASKER
Nothing in the error logs either.
ASKER
Also, I went start back up the old DHCP server and its not authorized in AD anymore. I'm not sure what to do about the new one, everything says its running.
ASKER
Oh, and the reverse lookup zone I made keeps pointing to the old server, not the new one. I went to change it in the general tab on the new server and it says 'The data on the secondary zone failed to set. The IP address is invalid.' I'm almost positive I had set it up as a Primary Zone... Is there anyway to change it to a primary if I didn't?
ASKER
Now I went to change it to a primary zone by hitting change (it was set as a secondary), then I clicked apply and it said something about the change failed because the zone is shutdown.
So I went to my DNS error logs and it says Zone expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone. The zone has been shut down.
So I went to my DNS error logs and it says Zone expired before it could obtain a successful zone transfer or update from a master server acting as its source for the zone. The zone has been shut down.
Do not chage the zone from promary to secondary, revert back all chnages and open cmd> nslookup > check name to and ip to name resolution.
If DNS is totally down then delete fwd and rev zone reconfigure it and do not point any zone to the old server.
To resolve DHCP issue uninstall DHCP role, again reinstall, reconfigure and authorize it again.
If DNS is totally down then delete fwd and rev zone reconfigure it and do not point any zone to the old server.
To resolve DHCP issue uninstall DHCP role, again reinstall, reconfigure and authorize it again.
ASKER
Right now it says its a primary zone because I changed it from a secondary to the primary. I did nslookup and it says the server is localhost and the address is 127.0.0.1
The DHCP server is still not working. Should I goahead and remove it then add it again?
The DHCP server is still not working. Should I goahead and remove it then add it again?
Do not put primary DNS server 127.0.0.1 in NIC, point itself (server IP)as primary dns.
Yes, remove DHCP then reinstall, reconfigure and authorize again.
Yes, remove DHCP then reinstall, reconfigure and authorize again.
ASKER
Changed the nic to 10.1.10.50. I reinstalled the DHCP server without WINS. I added the DHCP scope and subnet type of wired, not wireless. I didn't install IPv6, because I do not wish to use ip6.
I have a warning on the DNS, 'The DNS server is waiting for Active Directory Domain Services to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with the DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. ect...'
I have a warning on the DNS, 'The DNS server is waiting for Active Directory Domain Services to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with the DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. ect...'
ASKER
I reinstalled the DHCP server, and it said the scope parameters were invalid. Then I checked, and DHCP was installed though and the old settings are still there.
ASKER
DHCP server still isn't working... Is there something I'm forgetting to do? I moved all of the AD and redid the DNS... I don't get why the clients can't pickup the DHCP server..
Is the DNS server working? Have you completely removed DHCP from add remove programs?
ASKER
The DNS seems to be working fine. The DHCP I removed from Add / Remove Roles. Then it had me reset. Then I went to add it again and it said the scope parameters were wrong, so I clicked Ok and it closed the role out. I went to the server manager and DHCP was there, so I clicked on it and all of the old options and reservation were there from the last time I did this.
Have followed below steps?
To remove dhcp-> start -run appwiz.cpl - (click left pane )add/remove windows component > open network services > uncheck DHCP >OK .
To add start -run appwiz.cpl - (click left pane )add/remove windows component > open network services > check DHCP >OK .
To remove dhcp-> start -run appwiz.cpl - (click left pane )add/remove windows component > open network services > uncheck DHCP >OK .
To add start -run appwiz.cpl - (click left pane )add/remove windows component > open network services > check DHCP >OK .
Remove or uninstall DHCP : http://technet.microsoft.com/en-us/library/cc775476(WS.10).aspx
install-and-configure-dhcp :
http://www.windowsreference.com/windows-server-2003/install-and-configure-dhcp-server-in-win-server-2003-step-by-step-guide/
install-and-configure-dhcp
http://www.windowsreference.com/windows-server-2003/install-and-configure-dhcp-server-in-win-server-2003-step-by-step-guide/
ASKER
I'm running server 2008, not 2003. So I have to remove it from the Roles. I removed it from the roles and then I reinstalled it. My subnet is the same as the nic card, so this can't be a subnet issue... I can't think of what else could be causing the dhcp server not to pickup the broadcast request by the clients..
ASKER
So I was looking at the DNS error I posted above, and the event id comes to:
Event ID 4013
Source DNS
Type Warning
Description The DNS server was unable to open the Active Directory. This DNS server is configured to use directory service information and can not operate without access to the directory. The DNS server will wait for the directory to start. If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start.
So now I'm wondering if there is an issue with AD on the new server which is causing the DHCP server not to work or the DNS properly...
Event ID 4013
Source DNS
Type Warning
Description The DNS server was unable to open the Active Directory. This DNS server is configured to use directory service information and can not operate without access to the directory. The DNS server will wait for the directory to start. If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start.
So now I'm wondering if there is an issue with AD on the new server which is causing the DHCP server not to work or the DNS properly...
ASKER
I know how to install a DHCP server, I think this is something between AD and the DHCP and the DNS... The DHCP server has to be authorized in AD... and with that error above with the DNS saying it can't open AD... whats saying that the DHCP can't open AD so therefore its not authorized...
Run "Dcdiag" for DS error and run "dcdiag /test:dns" for DNS error
post the report of above.
post the report of above.
ASKER
DCDIAG:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P olicies\{5 F9D92D4-DA DC-47BA-B1 3D-8DB1BBC 31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES >
DCDIAG:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P olicies\{5 F9D92D4-DA DC-47BA-B1 3D-8DB1BBC 31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES >
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES
DCDIAG:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES
Run "dcdiag /q" instead of "dcdiag".
ASKER
Could it be possible that the DNS is pointing to the old AD server (the old server is still online for the time being until the new one is completed)?
ASKER
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P olicies\{5 F9D92D4-DA DC-47BA-B1 3D-8DB1BBC 31B2A}\g
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES >
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE
Starting test: Advertising
......................... DES-DC1 passed test Advertising
Starting test: FrsEvent
......................... DES-DC1 passed test FrsEvent
Starting test: DFSREvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DES-DC1 failed test DFSREvent
Starting test: SysVolCheck
......................... DES-DC1 passed test SysVolCheck
Starting test: KccEvent
......................... DES-DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DES-DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DES-DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DES-DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DES-DC1 passed test NetLogons
Starting test: ObjectsReplicated
......................... DES-DC1 passed test ObjectsReplicated
Starting test: Replications
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
Starting test: RidManager
......................... DES-DC1 passed test RidManager
Starting test: Services
......................... DES-DC1 passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 07/16/2010 18:17:55
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:23
Event String:
The Security System detected an authentication error for the server
cifs/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:24
Event String:
The Security System detected an authentication error for the server
LDAP/DES-DC1. The failure code from authentication protocol Kerberos was "There
are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x825A000C
Time Generated: 07/16/2010 18:18:33
Event String:
Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:18:37
Event String:
The Security System detected an authentication error for the server
ldap/DES-DC1.des.com. The failure code from authentication protocol Kerberos was
"There are currently no logon servers available to service the logon request.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:18:46
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:18:46
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x8000A000
Time Generated: 07/16/2010 18:19:33
Event String:
The Security System detected an authentication error for the server
LDAP/Localhost. The failure code from authentication protocol Kerberos was "Ther
e are currently no logon servers available to service the logon request.
An Error Event occurred. EventID: 0x00000469
Time Generated: 07/16/2010 18:23:46
Event String:
The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
An Warning Event occurred. EventID: 0x00001695
Time Generated: 07/16/2010 18:23:50
Event String:
Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'des.com.' failed. These records are used by other computers
to locate this server as a domain controller (if the specified domain is an Act
ive Directory domain) or as an LDAP server (if the specified domain is an applic
ation partition).
An Warning Event occurred. EventID: 0x0000168D
Time Generated: 07/16/2010 18:24:02
Event String:
The following DNS server that is authoritative for the DNS domain co
ntroller locator records of this domain controller does not support dynamic DNS
updates:
An Error Event occurred. EventID: 0x00000422
Time Generated: 07/16/2010 18:24:13
Event String:
The processing of Group Policy failed. Windows attempted to read the
file \\des.com\SysVol\des.com\P
pt.ini from a domain controller and was not successful. Group Policy settings ma
y not be applied until this event is resolved. This issue may be transient and c
ould be caused by one or more of the following:
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Warning Event occurred. EventID: 0x80001116
Time Generated: 07/16/2010 18:27:01
Event String:
Windows Servicing identified that package KB955430(Update) is not ap
plicable for this system
An Error Event occurred. EventID: 0x000003FA
Time Generated: 07/16/2010 18:48:38
Event String:
The DHCP service failed to restore the database. The following error
occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:48:42
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:48:50
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:48:50
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Error Event occurred. EventID: 0x000003FB
Time Generated: 07/16/2010 18:49:18
Event String:
The DHCP service failed to restore the DHCP registry configuration.
The following error occurred:
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:49:20
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:49:28
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:49:28
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
An Warning Event occurred. EventID: 0x00000420
Time Generated: 07/16/2010 18:51:41
Event String:
The DHCP service has detected that it is running on a DC and has no
credentials configured for use with Dynamic DNS registrations initiated by the D
HCP service. This is not a recommended security configuration. Credentials fo
r Dynamic DNS registrations may be configured using the command line "netsh dhcp
server set dnscredentials" or via the DHCP Administrative tool.
An Warning Event occurred. EventID: 0x00002724
Time Generated: 07/16/2010 18:51:49
Event String:
This computer has at least one dynamically assigned IPv6 address.For
reliable DHCPv6 server operation, you should use only static IPv6 addresses.
An Error Event occurred. EventID: 0x00000411
Time Generated: 07/16/2010 18:51:49
Event String:
The DHCP service is not servicing any DHCPv4 clients because none of
the active network interfaces have statically configured IPv4 addresses, or the
re are no active interfaces.
......................... DES-DC1 failed test SystemLog
Starting test: VerifyReferences
......................... DES-DC1 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : des
Starting test: CheckSDRefDom
......................... des passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... des passed test CrossRefValidation
Running enterprise tests on : des.com
Starting test: LocatorCheck
......................... des.com passed test LocatorCheck
Starting test: Intersite
......................... des.com passed test Intersite
C:\Users\administrator.DES
ASKER
I love how its saying that I don't have a static ip assigned.... I do have one assigned...
ASKER
I don't have a static assigned on the Local Area Connection, only the Local Area Connection 3. Hyper-V is installed btw. So LAC3 is a replication. LAC only has Microsoft Virtual Network Switch Protocol.
There are lot of issue like time, sysvol replication, kdc, no static ip to server,at least one dynamically assigned IPv6 address.
ASKER
Okay so what does this mean I should do... also, I just noticed, windows is saying there are no more updates available... but its still at service pack 1... So I'm going to install service pack 2 manually.
Ok, Is the sysvol and netlogon shares are available on new server.
ASKER
File Services > Share and Storage Manager > Disk Management > Netlogon and Syvol are there. There both shared. Netlogon points to C:\Windows\SYSVOL\sysvol\d es.com\SCR IPTS Sysvol points to C:\Windows\SYSVOL\sysvol
ASKER
Weird... So I just got into work, turned on my laptop and it was able to pull an IP from the DHCP server... the new DHCP server. So I'm guessing it just needed time to switch over? The only weird thing is that when I load up the DHCP service on the 2008 server, it only shows some of the ips as active. The rest show up as inactive, but I know that those machines are on.
I would still like help fixing those errors you found if you don't mind.
I would still like help fixing those errors you found if you don't mind.
ASKER
Any update?
My health was not good, nice to hear that your laptop was able to pull an IP from the new DHCP server.
Have you configured correct DHCP Server Address Pool ?
How you come to know the some of the ips are active and the rest show up as inactive?
Always use "Address Leases" in DHCP console to check used and unused IP on network.
Have you configured correct DHCP Server Address Pool ?
How you come to know the some of the ips are active and the rest show up as inactive?
Always use "Address Leases" in DHCP console to check used and unused IP on network.
ASKER
I saw the Active and Inactive in the DHCP lease. If I add ips to the reservation, they show up as inactive. In theory, if the computer is connected, they should show up as active... but they don't lol.
inactive means that the address has not been given out. Did you set the devices for DHCP and reboot it so that it tries to obtain an address from your server?
...if you have the static IP set, then this will have no effect on DHCP... You need to clear the IP settings on the device and then set the it for DHCP. then reboot.
...if you have the static IP set, then this will have no effect on DHCP... You need to clear the IP settings on the device and then set the it for DHCP. then reboot.
ASKER
Okay, I'll give that a shot.
It seems I am still having problems with the DNS side. I have the old server set as a secondary now and the new one set as the primary. When I went to the secondary server and right clicked on the domain.com, then clicked reload, it says 'Failed to reload zone. The zone is locked for zone transfer or update.' I compared both of the Forward Lookup Zones on both servers and the secondary server doesn't have the newer computers listed in the zone, but the primary does. I don't think they are working together...
It seems I am still having problems with the DNS side. I have the old server set as a secondary now and the new one set as the primary. When I went to the secondary server and right clicked on the domain.com, then clicked reload, it says 'Failed to reload zone. The zone is locked for zone transfer or update.' I compared both of the Forward Lookup Zones on both servers and the secondary server doesn't have the newer computers listed in the zone, but the primary does. I don't think they are working together...
please post the result - "dcdiag /test:dns" and "dcdiag /q"
ASKER
Should I do this on both servers or just one?
ASKER
DC1:
dcdiag /test:dns
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag /test:dns
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DES-DC1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: DES-DC1.des.com
Domain: des.com
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Network Adapter
[00000007] Microsoft Virtual Network Switch Adapter:
Warning:
Missing AAAA record at DNS server 10.1.10.50:
DES-DC1.des.com
Warning:
Missing AAAA record at DNS server 10.1.10.50:
gc._msdcs.des.com
Warning: Record Registrations not found in some network adapters
DES-DC1 PASS WARN PASS PASS WARN WARN n/a
......................... des.com passed test DNS
C:\Users\administrator.DES >
dcdiag /q
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag /q
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/27/2010 14:38:00
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... DES-DC1 failed test SystemLog
C:\Users\administrator.DES >
dcdiag /test:dns
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DES-DC1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: DES-DC1.des.com
Domain: des.com
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Network Adapter
[00000007] Microsoft Virtual Network Switch Adapter:
Warning:
Missing AAAA record at DNS server 10.1.10.50:
DES-DC1.des.com
Warning:
Missing AAAA record at DNS server 10.1.10.50:
gc._msdcs.des.com
Warning: Record Registrations not found in some network adapters
DES-DC1 PASS WARN PASS PASS WARN WARN n/a
......................... des.com passed test DNS
C:\Users\administrator.DES
dcdiag /q
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/27/2010 14:38:00
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... DES-DC1 failed test SystemLog
C:\Users\administrator.DES
ASKER
DC2:
dcdiag /test:dns
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>dcd iag /test:dns
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE RVER
Starting test: Connectivity
The host a9306495-14d1-41c9-9cab-92 453cd93aa3 ._msdcs.de s.com could not
be resolved to an IP address. Check the DNS server, DHCP, server name,
etc.
......................... SERVER failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE RVER
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SERVER passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: Server.des.com
Domain: des.com
TEST: Basic (Basc)
Error: No LDAP connectivity
No host records (A or AAAA) were found for this DC
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ _________
Domain: des.com
Server PASS FAIL PASS PASS WARN FAIL n/a
......................... des.com failed test DNS
C:\Users\Administrator.DES SERVER>
dcdiag /q
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>dcd iag /q
The host a9306495-14d1-41c9-9cab-92 453cd93aa3 ._msdcs.de s.com could not
be resolved to an IP address. Check the DNS server, DHCP, server name,
etc.
......................... SERVER failed test Connectivity
C:\Users\Administrator.DES SERVER>\
dcdiag /test:dns
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE
Starting test: Connectivity
The host a9306495-14d1-41c9-9cab-92
be resolved to an IP address. Check the DNS server, DHCP, server name,
etc.
......................... SERVER failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... SERVER passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: Server.des.com
Domain: des.com
TEST: Basic (Basc)
Error: No LDAP connectivity
No host records (A or AAAA) were found for this DC
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: des.com
Server PASS FAIL PASS PASS WARN FAIL n/a
......................... des.com failed test DNS
C:\Users\Administrator.DES
dcdiag /q
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
The host a9306495-14d1-41c9-9cab-92
be resolved to an IP address. Check the DNS server, DHCP, server name,
etc.
......................... SERVER failed test Connectivity
C:\Users\Administrator.DES
ASKER
DC1 is the primary, its the operation master for AD and everything. DC2 is the old DC, which is going to be demoted soon, but I still have about another month before that.
Post ipconfig /all of both server.
ASKER
DES-DC1:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DES-DC1
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{91C03EC4-D749-44A1 -B414-8AE7 590C0
951}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\administrator.DES >
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Windows IP Configuration
Host Name . . . . . . . . . . . . : DES-DC1
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 8:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{91C03EC4-D749-44A1
951}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\administrator.DES
ASKER
DC2:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>ipc onfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-30-48-9D-20-34
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
Physical Address. . . . . . . . . : 00-30-48-9D-20-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC -A51A-2BD2 C44DB
589}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB -9C94-55B0 4F643
F2D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator.DES SERVER>
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-30-48-9D-20-34
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
Physical Address. . . . . . . . . : 00-30-48-9D-20-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC
589}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB
F2D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator.DES
Here is a problem!!!
1> DC1 ipconfig is perfect but need to remove/disable Tunnel adapter Local Area Connection* 8: on dc1.
2> DC2- install DNS server role on DC2 create zones then point itsself as primary DNS ie. 10.1.10.57 (current primary DNS Servers pointintg to DC1 ie. 10.1.10.50)
3> remove/disable all unneccessary NIC adapters on DC2 then run "repadmin /syncall" on DC1 it will replicate data to DC2.
1> DC1 ipconfig is perfect but need to remove/disable Tunnel adapter Local Area Connection* 8: on dc1.
2> DC2- install DNS server role on DC2 create zones then point itsself as primary DNS ie. 10.1.10.57 (current primary DNS Servers pointintg to DC1 ie. 10.1.10.50)
3> remove/disable all unneccessary NIC adapters on DC2 then run "repadmin /syncall" on DC1 it will replicate data to DC2.
ASKER
DC1 - In network connections, I only have LAC 1 and LAC 3, not 8.
ASKER
DC2 - DNS serve role is already installed. The zones are also on there already... should I just point itself to 10.1.10.57 and run repadmin /syncall?
ASKER
Okay, so I did what I asked about above. SyncAll terminated with no errors.
ASKER
DC1:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag /test:dns
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE S-DC1
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DES-DC1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: DES-DC1.des.com
Domain: des.com
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
DES-DC1 PASS PASS PASS PASS WARN PASS n/a
......................... des.com passed test DNS
C:\Users\administrator.DES >dcdiag /q
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/29/2010 00:35:17
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... DES-DC1 failed test SystemLog
C:\Users\administrator.DES >
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DES-DC1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DE
Starting test: Connectivity
......................... DES-DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DE
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DES-DC1 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: DES-DC1.des.com
Domain: des.com
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
DES-DC1 PASS PASS PASS PASS WARN PASS n/a
......................... des.com passed test DNS
C:\Users\administrator.DES
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/29/2010 00:35:17
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... DES-DC1 failed test SystemLog
C:\Users\administrator.DES
ASKER
DC2:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>dcd iag /test:dns
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE RVER
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE RVER
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
ERROR: NO DNS servers for IPV6 stack was found
......................... SERVER passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: Server.des.com
Domain: des.com
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Network Adapter
[00000015] Microsoft Virtual Network Switch Adapter:
Warning:
Missing AAAA record at DNS server 10.1.10.57:
Server.des.com
Warning:
Missing AAAA record at DNS server 10.1.10.57:
gc._msdcs.des.com
Warning: Record Registrations not found in some network adapters
Server PASS WARN PASS PASS WARN WARN n/a
......................... des.com passed test DNS
C:\Users\Administrator.DES SERVER>dcd iag /q
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/29/2010 00:39:46
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... SERVER failed test SystemLog
C:\Users\Administrator.DES SERVER>
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SE
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SE
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
ERROR: NO DNS servers for IPV6 stack was found
......................... SERVER passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : des
Running enterprise tests on : des.com
Starting test: DNS
Test results for domain controllers:
DC: Server.des.com
Domain: des.com
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not found
TEST: Dynamic update (Dyn)
Warning: Failed to add the test record _dcdiag_test_record in
zone des.com
TEST: Records registration (RReg)
Network Adapter
[00000015] Microsoft Virtual Network Switch Adapter:
Warning:
Missing AAAA record at DNS server 10.1.10.57:
Server.des.com
Warning:
Missing AAAA record at DNS server 10.1.10.57:
gc._msdcs.des.com
Warning: Record Registrations not found in some network adapters
Server PASS WARN PASS PASS WARN WARN n/a
......................... des.com passed test DNS
C:\Users\Administrator.DES
An Error Event occurred. EventID: 0xC0002719
Time Generated: 07/29/2010 00:39:46
Event String:
DCOM was unable to communicate with the computer 10.1.10.1 using any
of the configured protocols.
......................... SERVER failed test SystemLog
C:\Users\Administrator.DES
ASKER
DC2:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>ipc onfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-30-48-9D-20-34
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.57
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
Physical Address. . . . . . . . . : 00-30-48-9D-20-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC -A51A-2BD2 C44DB
589}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB -9C94-55B0 4F643
F2D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator.DES SERVER>
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-30-48-9D-20-34
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.57(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.57
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
Physical Address. . . . . . . . . : 00-30-48-9D-20-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{93C5C167-BBD7-4CDC
589}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 14:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DC4C7150-215D-48BB
F2D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Administrator.DES
ASKER
DC1:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DES-DC1
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
C:\Users\administrator.DES >
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
Windows IP Configuration
Host Name . . . . . . . . . . . . : DES-DC1
Primary Dns Suffix . . . . . . . : des.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : des.com
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Network Switch Adapter
#2
Physical Address. . . . . . . . . : 00-24-1D-DE-29-8C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.1.10.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.1.10.1
DNS Servers . . . . . . . . . . . : 10.1.10.50
NetBIOS over Tcpip. . . . . . . . : Enabled
C:\Users\administrator.DES
ASKER
dcdiag /q UPDATE
I change from 10.1.10.1 to 10.1.11.1.
DC1:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES >dcdiag /q
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
C:\Users\administrator.DES >
I change from 10.1.10.1 to 10.1.11.1.
DC1:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\administrator.DES
[SERVER] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
......................... DES-DC1 failed test Replications
C:\Users\administrator.DES
ASKER
DC2:
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES SERVER>dcd iag /q
C:\Users\Administrator.DES SERVER>
Nothing happens when I run this... I did repadmin /syncall again and it worked...
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:\Users\Administrator.DES
C:\Users\Administrator.DES
Nothing happens when I run this... I did repadmin /syncall again and it worked...
Ipconfig is fine now.
Everything seems good, nothing happens when you run dcdiag /q means dcdiag is clean. also repadmin is fine.
for safer side please disable all unwanted NICs.
Everything seems good, nothing happens when you run dcdiag /q means dcdiag is clean. also repadmin is fine.
for safer side please disable all unwanted NICs.
ASKER
So this means when I do demote the old domain controller, everything should remove smooth, even the DNS?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay, I demoted the DC and the old server still shows up in the DNS logs as a name server, ect. So I will just manually remove those entries. Thanks!
Yes, manually remove old server entries form DNS, AD user-computers and DSsites.
> To remove the failed server object from the sites
In Active Directory Sites and Services, expand the appropriate site.
Delete the server object associated with the failed domain controller.
> To remove the failed server object from the domain controllers container
In Active Directory Users and Computers, expand the domain controllers container.
Delete the computer object associated with the failed domain controller.
Windows Server 2003 AD might display a new type of question window, asking you if you want to delete the server object without performing a DCPROMO operation (which, of course, you cannot perform, otherwise you wouldn't be reading this article, would you...) Select "This DC is permanently offline..." and click on the Delete button.
AD will display another confirmation window. If you're sure that you want to delete the failed object, click Yes.
> To remove the failed server object from DNS
In the DNS snap-in, expand the zone that is related to the domain from where the server has been removed.
Remove the CNAME record in the _msdcs.root domain of forest zone in DNS. You should also delete the HOSTNAME and other DNS records.
If you have reverse lookup zones, also remove the server from these zones.
> To remove the failed server object from the sites
In Active Directory Sites and Services, expand the appropriate site.
Delete the server object associated with the failed domain controller.
> To remove the failed server object from the domain controllers container
In Active Directory Users and Computers, expand the domain controllers container.
Delete the computer object associated with the failed domain controller.
Windows Server 2003 AD might display a new type of question window, asking you if you want to delete the server object without performing a DCPROMO operation (which, of course, you cannot perform, otherwise you wouldn't be reading this article, would you...) Select "This DC is permanently offline..." and click on the Delete button.
AD will display another confirmation window. If you're sure that you want to delete the failed object, click Yes.
> To remove the failed server object from DNS
In the DNS snap-in, expand the zone that is related to the domain from where the server has been removed.
Remove the CNAME record in the _msdcs.root domain of forest zone in DNS. You should also delete the HOSTNAME and other DNS records.
If you have reverse lookup zones, also remove the server from these zones.
ASKER
Ok, thanks!
1. Promote new 2008 as a DC.
2. Install all roles on server, which are present on old DC.
3. Then transfer all FSMOs to new W2K8 DC and demote old Dc
4. Run metadata cleanup to remove remaining old DCs object in the Active Directory.
Delete Failed DCs from Active Directory: http://www.petri.co.il/delete_failed_dcs_from_ad.htm