[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

windows 2008 DC

Posted on 2010-09-08
5
Medium Priority
?
944 Views
Last Modified: 2012-05-10
hi experts,

Two DCs, SV01 and SV03

logged in as a domain admin, run the dcdiag and repadmin from both servers. SV01 passed all test but SV03 has errors as shown below. From dcdiag results, SV03 passed all test except Netlogon and replication. From repadmin /showrepl, last two lines showed denied access. Please advise on how to identify the cause of the failed test.


### DCDIAG Output for SV03####

Starting test: NetLogons

         * Network Logons Privileges Check
         Verified share \\SV03\netlogon
         Verified share \\SV03\sysvol
         [SV03] User credentials does not have permission to perform this
         operation.
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... SV03 failed test NetLogons

Starting test: Replications
         * Replications Check
         [Replications Check,SV03] DsReplicaGetInfo(PENDING_OPS, NULL)
         failed, error 0x2105 "Replication access was denied."
         ......................... SV03 failed test Replications



### REPADMIN /SHOWREPL for SV03####


==== INBOUND NEIGHBORS ======================================


DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:54:08 was successful.

CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

CN=Schema,CN=Configuration,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=DomainDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DC=ForestDnsZones,DC=rba,DC=com,DC=bn
    RR-site\SV01 via RPC
        DSA object GUID: fa144525-f3d1-49e0-96e1-ea7dac2eaad7
        Last attempt @ 2010-09-09 13:51:35 was successful.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

DsReplicaGetInfo() failed with status 8453 (0x2105):
    Replication access was denied.

 
0
Comment
Question by:kenny_klbn
5 Comments
 
LVL 11

Accepted Solution

by:
Coast-IT earned 1000 total points
ID: 33634228
Have a look at this thread ;

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23527747.html

I know it says 2003, but same rules apply.
0
 
LVL 13

Assisted Solution

by:Kini pradeep
Kini pradeep earned 1000 total points
ID: 33635501
Is any of these domain controllers a RODC ?
have you run Dcdiag /V in a verbose mode?

could you run the repadmin from Start-Programs-Administrative Tools-Server Manager
Roles-Active Directory Domain Services
Advanced Tools - Repamin.exe and run repadmin /showreps from this cmd prompt

 i have seen issues with the repadmin tool itself.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33637306
Check the permissions on the Netlogon and SYSVOl folders make sure you have the correct permissions listed.
0
 
LVL 6

Expert Comment

by:mattconroy
ID: 33638983
Are there any 2003 DC's in your environment. If so; have you ever done an authoritative restore on the 2003 DC's?
0
 

Author Closing Comment

by:kenny_klbn
ID: 33786113
done
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question