Joe
asked on
file replication errors between domain controllers
We are using windows server 2003 and having problems with FRS. We are receiving the following error.
The following error occurred duringthe attempt to synchronize the naming context %domainname% from the domain controller %servername% to domain controller %servername%. the naming context is in the process of being removed or is not replicated from the specified server.
Our Primary domain controller has been down for five hours please help!!!
The following error occurred duringthe attempt to synchronize the naming context %domainname% from the domain controller %servername% to domain controller %servername%. the naming context is in the process of being removed or is not replicated from the specified server.
Our Primary domain controller has been down for five hours please help!!!
First can you check the event viewer for what error you are getting?
From your DC run this command and check whether any error found.
DCDIAG /D /C /V
NETDIAG /DEBUG /V
Also manually try to replicate from dssite.msc -----ntds settings---replicate now.
From your DC run this command and check whether any error found.
DCDIAG /D /C /V
NETDIAG /DEBUG /V
Also manually try to replicate from dssite.msc -----ntds settings---replicate now.
ASKER
The events are just saying cannot connect with DC01.
We have already run a DCDIAG /debug /v
Also we have already manually replicated.
no luck
We have already run a DCDIAG /debug /v
Also we have already manually replicated.
no luck
ASKER
We are getting the error when running a DCDIAG /e
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes
Replication Synchronization
Manage Replication Topology
access rights for the naming context:
DC=rdigest,DC=com
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes
Replication Synchronization
Manage Replication Topology
access rights for the naming context:
DC=rdigest,DC=com
ASKER
The above error is now fixed after giving administrators permissions to domain controllers in AD.
now we are getting the folling error in DCDIAG
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
now we are getting the folling error in DCDIAG
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
To monitor and find issues with frs you can also use these two tools.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
http://www.microsoft.com/windowsserversystem/dfs/tshootfrs.mspx
Can you run repadmin /showreps and post the errors it returns?
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&displaylang=en
http://www.microsoft.com/windowsserversystem/dfs/tshootfrs.mspx
Can you run repadmin /showreps and post the errors it returns?
ASKER
here are the results of the repadmin
C:\WINNT\system32>repadmin /showreps
Default-First-Site-Name\CV N75UCSDC02
DC Options: IS_GC
Site Options: (none)
DC object GUID: 2565f65b-e9b5-473a-bd09-2b 3c06248424
DC invocationID: 77bb8bb0-6537-4e41-9e47-be c9409daf25
==== INBOUND NEIGHBORS ========================== ========== ==
DC=cvn75,DC=navy,DC=mil
Default-First-Site-Name\CV N75UCSDC01 via RPC
DC object GUID: c765e94a-a8e1-4329-b4d6-55 8f3f35109c
Last attempt @ 2010-10-17 00:37:47 was successful.
CN=Configuration,DC=cvn75, DC=navy,DC =mil
Default-First-Site-Name\CV N75UCSDC01 via RPC
DC object GUID: c765e94a-a8e1-4329-b4d6-55 8f3f35109c
Last attempt @ 2010-10-17 00:34:14 was successful.
CN=Schema,CN=Configuration ,DC=cvn75, DC=navy,DC =mil
Default-First-Site-Name\CV N75UCSDC01 via RPC
DC object GUID: c765e94a-a8e1-4329-b4d6-55 8f3f35109c
Last attempt @ 2010-10-17 00:33:28 was successful.
No errors
I will try those two tools
Thanks
C:\WINNT\system32>repadmin
Default-First-Site-Name\CV
DC Options: IS_GC
Site Options: (none)
DC object GUID: 2565f65b-e9b5-473a-bd09-2b
DC invocationID: 77bb8bb0-6537-4e41-9e47-be
==== INBOUND NEIGHBORS ==========================
DC=cvn75,DC=navy,DC=mil
Default-First-Site-Name\CV
DC object GUID: c765e94a-a8e1-4329-b4d6-55
Last attempt @ 2010-10-17 00:37:47 was successful.
CN=Configuration,DC=cvn75,
Default-First-Site-Name\CV
DC object GUID: c765e94a-a8e1-4329-b4d6-55
Last attempt @ 2010-10-17 00:34:14 was successful.
CN=Schema,CN=Configuration
Default-First-Site-Name\CV
DC object GUID: c765e94a-a8e1-4329-b4d6-55
Last attempt @ 2010-10-17 00:33:28 was successful.
No errors
I will try those two tools
Thanks
ASKER
C:\WINNT\system32>dcdiag /d /c /v
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine cvn75ucsdc02, is a DC.
* Connecting to directory service on server cvn75ucsdc02.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\CV N75UCSDC02
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... CVN75UCSDC02 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CV N75UCSDC02
Starting test: Replications
* Replications Check
[CVN75UCSDC01] DsBindWithSpnEx() failed with error 5,
Access is denied..
* Replication Latency Check
DC=ForestDnsZones,DC=cvn75 ,DC=navy,D C=mil
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=cvn75 ,DC=navy,D C=mil
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration ,DC=cvn75, DC=navy,DC =mil
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=cvn75, DC=navy,DC =mil
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=cvn75,DC=navy,DC=mil
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... CVN75UCSDC02 passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=cvn75 ,DC=navy,D C=mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=cvn75 ,DC=navy,D C=mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration ,DC=cvn75, DC=navy,DC =mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=cvn75, DC=navy,DC =mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=cvn75,DC=navy,DC=mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CVN75UCSDC02 passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=cvn75 ,DC=navy,D C=mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=cvn75 ,DC=navy,D C=mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration ,DC=cvn75, DC=navy,DC =mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for CN=Configuration,DC=cvn75, DC=navy,DC =mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for DC=cvn75,DC=navy,DC=mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
......................... CVN75UCSDC02 passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CVN75UCSDC02.
* Security Permissions Check for
DC=ForestDnsZones,DC=cvn75 ,DC=navy,D C=mil
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=cvn75 ,DC=navy,D C=mil
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration ,DC=cvn75, DC=navy,DC =mil
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=cvn75, DC=navy,DC =mil
(Configuration,Version 2)
* Security Permissions Check for
DC=cvn75,DC=navy,DC=mil
(Domain,Version 2)
......................... CVN75UCSDC02 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CVN75UCSDC02\netlogon
Verified share \\CVN75UCSDC02\sysvol
......................... CVN75UCSDC02 passed test NetLogons
Starting test: Advertising
The DC CVN75UCSDC02 is advertising itself as a DC and having a DS.
The DC CVN75UCSDC02 is advertising as an LDAP server
The DC CVN75UCSDC02 is advertising as having a writeable directory
The DC CVN75UCSDC02 is advertising as a Key Distribution Center
The DC CVN75UCSDC02 is advertising as a time server
The DS CVN75UCSDC02 is advertising as a GC.
......................... CVN75UCSDC02 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
Warning: CVN75UCSDC01 is the Schema Owner, but is not responding to DS RPC Bind.
Role Domain Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
Warning: CVN75UCSDC01 is the Domain Owner, but is not responding to DS RPC Bind.
Role PDC Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
Warning: CVN75UCSDC01 is the PDC Owner, but is not responding to DS RPC Bind.
Role Rid Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
Warning: CVN75UCSDC01 is the Rid Owner, but is not responding to DS RPC Bind.
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
Warning: CVN75UCSDC01 is the Infrastructure Update Owner, but is not responding to DS RPC Bind.
......................... CVN75UCSDC02 failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 54457 to 1073741823
* cvn75ucsdc01.cvn75.navy.mi l is the RID Master
......................... CVN75UCSDC02 failed test RidManager
Starting test: MachineAccount
Checking machine account for DC CVN75UCSDC02 on DC CVN75UCSDC02.
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil/cv n75.navy.m il
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil
* SPN found :LDAP/CVN75UCSDC02
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil/CV N75
* SPN found :LDAP/2565f65b-e9b5-473a-b d09-2b3c06 248424._ms dcs.cvn75. navy.mil
* SPN found :E3514235-4B06-11D1-AB04-0 0C04FC2DCD 2/2565f65b -e9b5-473a -bd09-2b3c 06248424/c vn75.navy. mil
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil/cv n75.navy.m il
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil
* SPN found :HOST/CVN75UCSDC02
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil/CV N75
* SPN found :GC/cvn75ucsdc02.cvn75.nav y.mil/cvn7 5.navy.mil
......................... CVN75UCSDC02 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CVN75UCSDC02 passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... CVN75UCSDC02 passed test OutboundSecureChannels
Starting test: ObjectsReplicated
CVN75UCSDC02 is in domain DC=cvn75,DC=navy,DC=mil
Checking for CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na vy,DC=mil in domain DC=cvn75,DC=navy,DC=mil on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CVN75UCSDC02,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil in domain CN=Configuration,DC=cvn75, DC=navy,DC =mil on 1 servers
Object is up-to-date on all servers.
......................... CVN75UCSDC02 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CVN75UCSDC02 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... CVN75UCSDC02 passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x8000043B
Time Generated: 10/17/2010 00:43:26
(Event String could not be retrieved)
......................... CVN75UCSDC02 failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/17/2010 00:48:45
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/17/2010 00:49:10
(Event String could not be retrieved)
......................... CVN75UCSDC02 failed test systemlog
Starting test: VerifyReplicas
......................... CVN75UCSDC02 passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na vy,DC=mil and
backlink on
CN=CVN75UCSDC02,CN=Servers ,CN=Defaul t-First-Si te-Name,CN =Sites,CN= Configurat ion,DC=cvn 75,DC=navy ,DC=mil
are correct.
The system object reference (frsComputerReferenceBL)
CN={2ab92b6e-7c36-47ab-92b 8-7f31bc3e bc06},CN=C OMPOSEDFSR oot|Logs,C N=COMPOSED FSRoot,CN= DFS Volumes,CN=File Replication Service,CN=System,DC=cvn75 ,DC=navy,D C=mil
and backlink on
CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na vy,DC=mil are
correct.
The system object reference (serverReferenceBL)
CN=CVN75UCSDC02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cvn75 ,DC=navy,D C=mil
and backlink on
CN=NTDS Settings,CN=CVN75UCSDC02,C N=Servers, CN=Default -First-Sit e-Name,CN= Sites,CN=C onfigurati on,DC=cvn7 5,DC=navy, DC=mil
are correct.
......................... CVN75UCSDC02 passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... CVN75UCSDC02 passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CVN75UCSDC02 for domain cvn75.navy.mil in site Default-First-Site-Name
Checking machine account for DC CVN75UCSDC02 on DC CVN75UCSDC02.
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil/cv n75.navy.m il
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil
* SPN found :LDAP/CVN75UCSDC02
* SPN found :LDAP/cvn75ucsdc02.cvn75.n avy.mil/CV N75
* SPN found :LDAP/2565f65b-e9b5-473a-b d09-2b3c06 248424._ms dcs.cvn75. navy.mil
* SPN found :E3514235-4B06-11D1-AB04-0 0C04FC2DCD 2/2565f65b -e9b5-473a -bd09-2b3c 06248424/c vn75.navy. mil
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil/cv n75.navy.m il
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil
* SPN found :HOST/CVN75UCSDC02
* SPN found :HOST/cvn75ucsdc02.cvn75.n avy.mil/CV N75
* SPN found :GC/cvn75ucsdc02.cvn75.nav y.mil/cvn7 5.navy.mil
[CVN75UCSDC02] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... CVN75UCSDC02 passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : cvn75
Starting test: CrossRefValidation
......................... cvn75 passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... cvn75 passed test CheckSDRefDom
Running enterprise tests on : cvn75.navy.mil
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... cvn75.navy.mil passed test Intersite
Starting test: FsmoCheck
GC Name: \\cvn75ucsdc02.cvn75.navy. mil
Locator Flags: 0xe00001fc
PDC Name: \\cvn75ucsdc01.cvn75.navy. mil
Locator Flags: 0xe00003fd
Time Server Name: \\cvn75ucsdc02.cvn75.navy. mil
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\cvn75ucsdc01.cvn75.navy. mil
Locator Flags: 0xe00003fd
KDC Name: \\cvn75ucsdc02.cvn75.navy. mil
Locator Flags: 0xe00001fc
......................... cvn75.navy.mil passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: cvn75ucsdc02.cvn75.navy.mi l
Domain: cvn75.navy.mil
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition (Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000011] HP Network Teaming Virtual Miniport Driver:
MAC address is 00:11:0A:5B:3A:9E
IP address is static
IP address: 205.63.0.21
DNS servers:
205.63.0.20 (<name unavailable>) [Valid]
205.63.0.21 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
157.153.3.240 (<name unavailable>) [Valid]
TEST: Delegations (Del)
No delegations were found in this zone on this DNS server
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone cvn75.navy.mil.
Test record _dcdiag_test_record added successfully in zone cvn75.navy.mil.
Test record _dcdiag_test_record deleted successfully in zone cvn75.navy.mil.
TEST: Records registration (RReg)
Network Adapter [00000011] HP Network Teaming Virtual Miniport Driver:
Matching A record found at DNS server 205.63.0.20:
cvn75ucsdc02.cvn75.navy.mi l
Matching CNAME record found at DNS server 205.63.0.20:
2565f65b-e9b5-473a-bd09-2b 3c06248424 ._msdcs.cv n75.navy.m il
Matching DC SRV record found at DNS server 205.63.0.20:
_ldap._tcp.dc._msdcs.cvn75 .navy.mil
Matching GC SRV record found at DNS server 205.63.0.20:
_ldap._tcp.gc._msdcs.cvn75 .navy.mil
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 157.153.3.240 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
DNS server: 205.63.0.20 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
DNS server: 205.63.0.21 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ ________
Domain: cvn75.navy.mil
cvn75ucsdc02 PASS PASS PASS PASS PASS PASS n/a
......................... cvn75.navy.mil passed test DNS
Here are the result for the DCDIAG /D /C /V sorry it is long
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine cvn75ucsdc02, is a DC.
* Connecting to directory service on server cvn75ucsdc02.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\CV
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... CVN75UCSDC02 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\CV
Starting test: Replications
* Replications Check
[CVN75UCSDC01] DsBindWithSpnEx() failed with error 5,
Access is denied..
* Replication Latency Check
DC=ForestDnsZones,DC=cvn75
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=cvn75
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=cvn75,
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
DC=cvn75,DC=navy,DC=mil
Latency information for 7 entries in the vector were ignored.
7 were retired Invocations. 0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... CVN75UCSDC02 passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for DC=ForestDnsZones,DC=cvn75
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=DomainDnsZones,DC=cvn75
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Schema,CN=Configuration
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for CN=Configuration,DC=cvn75,
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=cvn75,DC=navy,DC=mil.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... CVN75UCSDC02 passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for DC=ForestDnsZones,DC=cvn75
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for DC=DomainDnsZones,DC=cvn75
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for CN=Schema,CN=Configuration
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for CN=Configuration,DC=cvn75,
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Analyzing the alive system replication topology for DC=cvn75,DC=navy,DC=mil.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified for this replication operation is invalid..
......................... CVN75UCSDC02 passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CVN75UCSDC02.
* Security Permissions Check for
DC=ForestDnsZones,DC=cvn75
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=cvn75
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=cvn75,
(Configuration,Version 2)
* Security Permissions Check for
DC=cvn75,DC=navy,DC=mil
(Domain,Version 2)
......................... CVN75UCSDC02 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\CVN75UCSDC02\netlogon
Verified share \\CVN75UCSDC02\sysvol
......................... CVN75UCSDC02 passed test NetLogons
Starting test: Advertising
The DC CVN75UCSDC02 is advertising itself as a DC and having a DS.
The DC CVN75UCSDC02 is advertising as an LDAP server
The DC CVN75UCSDC02 is advertising as having a writeable directory
The DC CVN75UCSDC02 is advertising as a Key Distribution Center
The DC CVN75UCSDC02 is advertising as a time server
The DS CVN75UCSDC02 is advertising as a GC.
......................... CVN75UCSDC02 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C
Warning: CVN75UCSDC01 is the Schema Owner, but is not responding to DS RPC Bind.
Role Domain Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C
Warning: CVN75UCSDC01 is the Domain Owner, but is not responding to DS RPC Bind.
Role PDC Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C
Warning: CVN75UCSDC01 is the PDC Owner, but is not responding to DS RPC Bind.
Role Rid Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C
Warning: CVN75UCSDC01 is the Rid Owner, but is not responding to DS RPC Bind.
Role Infrastructure Update Owner = CN=NTDS Settings,CN=CVN75UCSDC01,C
Warning: CVN75UCSDC01 is the Infrastructure Update Owner, but is not responding to DS RPC Bind.
......................... CVN75UCSDC02 failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 54457 to 1073741823
* cvn75ucsdc01.cvn75.navy.mi
......................... CVN75UCSDC02 failed test RidManager
Starting test: MachineAccount
Checking machine account for DC CVN75UCSDC02 on DC CVN75UCSDC02.
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/CVN75UCSDC02
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/2565f65b-e9b5-473a-b
* SPN found :E3514235-4B06-11D1-AB04-0
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :HOST/CVN75UCSDC02
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :GC/cvn75ucsdc02.cvn75.nav
......................... CVN75UCSDC02 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CVN75UCSDC02 passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... CVN75UCSDC02 passed test OutboundSecureChannels
Starting test: ObjectsReplicated
CVN75UCSDC02 is in domain DC=cvn75,DC=navy,DC=mil
Checking for CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CVN75UCSDC02,C
Object is up-to-date on all servers.
......................... CVN75UCSDC02 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... CVN75UCSDC02 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... CVN75UCSDC02 passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x8000043B
Time Generated: 10/17/2010 00:43:26
(Event String could not be retrieved)
......................... CVN75UCSDC02 failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/17/2010 00:48:45
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 10/17/2010 00:49:10
(Event String could not be retrieved)
......................... CVN75UCSDC02 failed test systemlog
Starting test: VerifyReplicas
......................... CVN75UCSDC02 passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na
backlink on
CN=CVN75UCSDC02,CN=Servers
are correct.
The system object reference (frsComputerReferenceBL)
CN={2ab92b6e-7c36-47ab-92b
and backlink on
CN=CVN75UCSDC02,OU=Domain Controllers,DC=cvn75,DC=na
correct.
The system object reference (serverReferenceBL)
CN=CVN75UCSDC02,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=cvn75
and backlink on
CN=NTDS Settings,CN=CVN75UCSDC02,C
are correct.
......................... CVN75UCSDC02 passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... CVN75UCSDC02 passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
Found KDC CVN75UCSDC02 for domain cvn75.navy.mil in site Default-First-Site-Name
Checking machine account for DC CVN75UCSDC02 on DC CVN75UCSDC02.
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/CVN75UCSDC02
* SPN found :LDAP/cvn75ucsdc02.cvn75.n
* SPN found :LDAP/2565f65b-e9b5-473a-b
* SPN found :E3514235-4B06-11D1-AB04-0
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :HOST/CVN75UCSDC02
* SPN found :HOST/cvn75ucsdc02.cvn75.n
* SPN found :GC/cvn75ucsdc02.cvn75.nav
[CVN75UCSDC02] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... CVN75UCSDC02 passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : cvn75
Starting test: CrossRefValidation
......................... cvn75 passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... cvn75 passed test CheckSDRefDom
Running enterprise tests on : cvn75.navy.mil
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... cvn75.navy.mil passed test Intersite
Starting test: FsmoCheck
GC Name: \\cvn75ucsdc02.cvn75.navy.
Locator Flags: 0xe00001fc
PDC Name: \\cvn75ucsdc01.cvn75.navy.
Locator Flags: 0xe00003fd
Time Server Name: \\cvn75ucsdc02.cvn75.navy.
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\cvn75ucsdc01.cvn75.navy.
Locator Flags: 0xe00003fd
KDC Name: \\cvn75ucsdc02.cvn75.navy.
Locator Flags: 0xe00001fc
......................... cvn75.navy.mil passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: cvn75ucsdc02.cvn75.navy.mi
Domain: cvn75.navy.mil
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition (Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000011] HP Network Teaming Virtual Miniport Driver:
MAC address is 00:11:0A:5B:3A:9E
IP address is static
IP address: 205.63.0.21
DNS servers:
205.63.0.20 (<name unavailable>) [Valid]
205.63.0.21 (<name unavailable>) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
157.153.3.240 (<name unavailable>) [Valid]
TEST: Delegations (Del)
No delegations were found in this zone on this DNS server
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone cvn75.navy.mil.
Test record _dcdiag_test_record added successfully in zone cvn75.navy.mil.
Test record _dcdiag_test_record deleted successfully in zone cvn75.navy.mil.
TEST: Records registration (RReg)
Network Adapter [00000011] HP Network Teaming Virtual Miniport Driver:
Matching A record found at DNS server 205.63.0.20:
cvn75ucsdc02.cvn75.navy.mi
Matching CNAME record found at DNS server 205.63.0.20:
2565f65b-e9b5-473a-bd09-2b
Matching DC SRV record found at DNS server 205.63.0.20:
_ldap._tcp.dc._msdcs.cvn75
Matching GC SRV record found at DNS server 205.63.0.20:
_ldap._tcp.gc._msdcs.cvn75
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 157.153.3.240 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
DNS server: 205.63.0.20 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
DNS server: 205.63.0.21 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server
Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: cvn75.navy.mil
cvn75ucsdc02 PASS PASS PASS PASS PASS PASS n/a
......................... cvn75.navy.mil passed test DNS
Here are the result for the DCDIAG /D /C /V sorry it is long
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you run dcdiag on the Primary DC?
What are the event ids?
Did you try to transfer the fsmo roles to your backup DC?