additional windows 2008 R2 DC does not work
Hi everyone
I recently upgraded both my W2K3 domain controllers to W2K8 R2 . after that , when i restart the main domain controller , the domain is unavailable !
actually i find out that additional DC does not work as a Domain Controller !
I was run DCDIAG on additional DC and that's the result :
please attention :
SAPDC1 : MAIN DOMAIN CONTROLLER 172.31.16.1
SAPDC2 : ADDITIONAL DOMAIN CONTROLLER 172.31.16.2
Both of DC's Are DNS Server , And DNS integrated with Active Directory
Domain : Sapco.com
--------------------------
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = sapdc2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SA
Starting test: Connectivity
......................... SAPDC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SA
Starting test: Advertising
Warning: DsGetDcName returned information for \\SAPDC1.sapco.com, when
we were trying to reach SAPDC2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... SAPDC2 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SAPDC2 passed test FrsEvent
Starting test: DFSREvent
......................... SAPDC2 passed test DFSREvent
Starting test: SysVolCheck
......................... SAPDC2 passed test SysVolCheck
Starting test: KccEvent
......................... SAPDC2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SAPDC2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SAPDC2 passed test MachineAccount
Starting test: NCSecDesc
......................... SAPDC2 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\SAPDC2\netlogon)
[SAPDC2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... SAPDC2 failed test NetLogons
Starting test: ObjectsReplicated
......................... SAPDC2 passed test ObjectsReplicated
Starting test: Replications
......................... SAPDC2 passed test Replications
Starting test: RidManager
......................... SAPDC2 passed test RidManager
Starting test: Services
......................... SAPDC2 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x80050004
Time Generated: 09/21/2010 23:46:22
Event String:
Broadcom NetXtreme Gigabit Ethernet #2: The network link is down. C
heck to make sure the network cable is properly connected.
A warning event occurred. EventID: 0x8000001D
Time Generated: 09/21/2010 23:46:32
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
A warning event occurred. EventID: 0x000003F6
Time Generated: 09/21/2010 23:46:41
Event String:
Name resolution for the name _ldap._tcp.dc._msdcs.sapco
t after none of the configured DNS servers responded.
An error event occurred. EventID: 0xC0FF05DC
Time Generated: 09/21/2010 23:47:07
Event String:
The SNMP Service encountered an error while accessing the registry k
ey SYSTEM\CurrentControlSet\S
A warning event occurred. EventID: 0x0000043D
Time Generated: 09/21/2010 23:47:31
Event String:
Windows failed to apply the Microsoft Disk Quota settings. Microsoft
Disk Quota settings might have its own log file. Please click on the "More info
rmation" link.
An error event occurred. EventID: 0x00000457
Time Generated: 09/21/2010 23:48:47
Event String:
Driver Brother DCP-8065DN USB Printer required for printer Brother D
CP-8065DN USB Printer is unknown. Contact the administrator to install the drive
r before you log in again.
A warning event occurred. EventID: 0x000003F6
Time Generated: 09/22/2010 00:08:08
Event String:
Name resolution for the name www.microsoft.com timed out after none
of the configured DNS servers responded.
......................... SAPDC2 failed test SystemLog
Starting test: VerifyReferences
......................... SAPDC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : sapco
Starting test: CheckSDRefDom
......................... sapco passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... sapco passed test CrossRefValidation
Running enterprise tests on : sapco.com
Starting test: LocatorCheck
......................... sapco.com passed test LocatorCheck
Starting test: Intersite
......................... sapco.com passed test Intersite
I recently upgraded both my W2K3 domain controllers to W2K8 R2 . after that , when i restart the main domain controller , the domain is unavailable !
actually i find out that additional DC does not work as a Domain Controller !
I was run DCDIAG on additional DC and that's the result :
please attention :
SAPDC1 : MAIN DOMAIN CONTROLLER 172.31.16.1
SAPDC2 : ADDITIONAL DOMAIN CONTROLLER 172.31.16.2
Both of DC's Are DNS Server , And DNS integrated with Active Directory
Domain : Sapco.com
--------------------------
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = sapdc2
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SA
Starting test: Connectivity
......................... SAPDC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SA
Starting test: Advertising
Warning: DsGetDcName returned information for \\SAPDC1.sapco.com, when
we were trying to reach SAPDC2.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... SAPDC2 failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SAPDC2 passed test FrsEvent
Starting test: DFSREvent
......................... SAPDC2 passed test DFSREvent
Starting test: SysVolCheck
......................... SAPDC2 passed test SysVolCheck
Starting test: KccEvent
......................... SAPDC2 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SAPDC2 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SAPDC2 passed test MachineAccount
Starting test: NCSecDesc
......................... SAPDC2 passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\SAPDC2\netlogon)
[SAPDC2] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... SAPDC2 failed test NetLogons
Starting test: ObjectsReplicated
......................... SAPDC2 passed test ObjectsReplicated
Starting test: Replications
......................... SAPDC2 passed test Replications
Starting test: RidManager
......................... SAPDC2 passed test RidManager
Starting test: Services
......................... SAPDC2 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x80050004
Time Generated: 09/21/2010 23:46:22
Event String:
Broadcom NetXtreme Gigabit Ethernet #2: The network link is down. C
heck to make sure the network cable is properly connected.
A warning event occurred. EventID: 0x8000001D
Time Generated: 09/21/2010 23:46:32
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
A warning event occurred. EventID: 0x000003F6
Time Generated: 09/21/2010 23:46:41
Event String:
Name resolution for the name _ldap._tcp.dc._msdcs.sapco
t after none of the configured DNS servers responded.
An error event occurred. EventID: 0xC0FF05DC
Time Generated: 09/21/2010 23:47:07
Event String:
The SNMP Service encountered an error while accessing the registry k
ey SYSTEM\CurrentControlSet\S
A warning event occurred. EventID: 0x0000043D
Time Generated: 09/21/2010 23:47:31
Event String:
Windows failed to apply the Microsoft Disk Quota settings. Microsoft
Disk Quota settings might have its own log file. Please click on the "More info
rmation" link.
An error event occurred. EventID: 0x00000457
Time Generated: 09/21/2010 23:48:47
Event String:
Driver Brother DCP-8065DN USB Printer required for printer Brother D
CP-8065DN USB Printer is unknown. Contact the administrator to install the drive
r before you log in again.
A warning event occurred. EventID: 0x000003F6
Time Generated: 09/22/2010 00:08:08
Event String:
Name resolution for the name www.microsoft.com timed out after none
of the configured DNS servers responded.
......................... SAPDC2 failed test SystemLog
Starting test: VerifyReferences
......................... SAPDC2 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : sapco
Starting test: CheckSDRefDom
......................... sapco passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... sapco passed test CrossRefValidation
Running enterprise tests on : sapco.com
Starting test: LocatorCheck
......................... sapco.com passed test LocatorCheck
Starting test: Intersite
......................... sapco.com passed test Intersite
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much.
http://support.microsoft.com/kb/967336/en-us
Thanks
Mike