?
Solved

windows 2008 DC

Posted on 2010-09-08
5
Medium Priority
?
940 Views
Last Modified: 2012-05-10
hi experts,

Two DCs, SV01 and SV03

logged in as a domain admin, run the dcdiag and repadmin from both servers. SV01 passed all test but SV03 has errors as shown below. From dcdiag results, SV03 passed all test except Netlogon and replication. From repadmin /showrepl, last two lines showed denied access. Please advise on how to identify the cause of the failed test.


### DCDIAG Output for SV03####

Starting test: NetLogons

         * Network Logons Privileges Check
         Verified share \\SV03\netlogon
         Verified share \\SV03\sysvol
         [SV03] User credentials does not have permission to perform this
         operation.
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... SV03 failed test NetLogons

Starting test: Replications
         * Replications Check
         [Replications Check,SV03] DsReplicaGetInfo(PENDING_OPS, NULL)
         failed, error 0x2105 "Replication access was denied."
         ......................... SV03 failed test Replications



### REPADMIN /SHOWREPL for SV03####


==== INBOUND NEIGHBORS ======================================


DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:54:08 was successful.

CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

CN=Schema,CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=DomainDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=ForestDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

 
0
Comment
Question by:kenny_klbn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 11

Accepted Solution

by:
Coast-IT earned 1000 total points
ID: 33634228
Have a look at this thread ;

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23527747.html

I know it says 2003, but same rules apply.
0
 
LVL 13

Assisted Solution

by:Kini pradeep
Kini pradeep earned 1000 total points
ID: 33635501
Is any of these domain controllers a RODC ?
have you run Dcdiag /V in a verbose mode?

could you run the repadmin from Start-Programs-Administrative Tools-Server Manager
Roles-Active Directory Domain Services
Advanced Tools - Repamin.exe and run repadmin /showreps from this cmd prompt

 i have seen issues with the repadmin tool itself.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33637306
Check the permissions on the Netlogon and SYSVOl folders make sure you have the correct permissions listed.
0
 
LVL 6

Expert Comment

by:mattconroy
ID: 33638983
Are there any 2003 DC's in your environment. If so; have you ever done an authoritative restore on the 2003 DC's?
0
 

Author Closing Comment

by:kenny_klbn
ID: 33786113
done
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month13 days, 23 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question