Solved

windows 2008 DC

Posted on 2010-09-08
5
934 Views
Last Modified: 2012-05-10
hi experts,

Two DCs, SV01 and SV03

logged in as a domain admin, run the dcdiag and repadmin from both servers. SV01 passed all test but SV03 has errors as shown below. From dcdiag results, SV03 passed all test except Netlogon and replication. From repadmin /showrepl, last two lines showed denied access. Please advise on how to identify the cause of the failed test.


### DCDIAG Output for SV03####

Starting test: NetLogons

         * Network Logons Privileges Check
         Verified share \\SV03\netlogon
         Verified share \\SV03\sysvol
         [SV03] User credentials does not have permission to perform this
         operation.
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... SV03 failed test NetLogons

Starting test: Replications
         * Replications Check
         [Replications Check,SV03] DsReplicaGetInfo(PENDING_OPS, NULL)
         failed, error 0x2105 "Replication access was denied."
         ......................... SV03 failed test Replications



### REPADMIN /SHOWREPL for SV03####


==== INBOUND NEIGHBORS ======================================


DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:54:08 was successful.

CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

CN=Schema,CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=DomainDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=ForestDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

 
0
Comment
Question by:kenny_klbn
5 Comments
 
LVL 11

Accepted Solution

by:
Coast-IT earned 250 total points
ID: 33634228
Have a look at this thread ;

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23527747.html

I know it says 2003, but same rules apply.
0
 
LVL 13

Assisted Solution

by:Kini pradeep
Kini pradeep earned 250 total points
ID: 33635501
Is any of these domain controllers a RODC ?
have you run Dcdiag /V in a verbose mode?

could you run the repadmin from Start-Programs-Administrative Tools-Server Manager
Roles-Active Directory Domain Services
Advanced Tools - Repamin.exe and run repadmin /showreps from this cmd prompt

 i have seen issues with the repadmin tool itself.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33637306
Check the permissions on the Netlogon and SYSVOl folders make sure you have the correct permissions listed.
0
 
LVL 6

Expert Comment

by:mattconroy
ID: 33638983
Are there any 2003 DC's in your environment. If so; have you ever done an authoritative restore on the 2003 DC's?
0
 

Author Closing Comment

by:kenny_klbn
ID: 33786113
done
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
User wants to log with Username or Email 4 47
Join with a SQL Server STUFF 5 33
Reverse DND setup 6 38
Domain Administrator locked out "Again" 7 52
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question