Solved

Addtional DC 2008 in Existing 2003 AD network

Posted on 2011-03-04
21
611 Views
Last Modified: 2012-05-11
Aftre DC 2008 installed in Existing 2003 network , moved all 5 roles to new AD 2008 DC .
Symproms

1) but group policy cannot be accessed trough new 2008 domain controller
2) Warning: DcGetDcName(TIME_SERVER) call failed, error 1355, PDC role is down , while DC diag ,

what will be the cause and solution
0
Comment
Question by:harispm
  • 14
  • 7
21 Comments
 
LVL 74

Assisted Solution

by:Glen Knight
Glen Knight earned 40 total points
ID: 35041978
Where are you seeing that error? Is it on the 2008 server?

Is the 2008 server also a DNS server? If so check it's using 127.0.0.1 in the newtwork card TCP/IP properties for DNS, there shouldnt be any other ns entries here.

If you make any changes above restart the NETLOGON service.

If you e done that and it's still a problem then try setting the bur flags setting to D4 as per: http://support.microsoft.com/kb/290762

When all that's done (and you have given it half an hour or so to sort itself out) run DCDIAG /FIX

do you still have the same problem?
0
 

Author Comment

by:harispm
ID: 35043071

Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.

This error is getting from both DC (2003 and 2008 ) after I moved the 5 roles from 2003 DC t o 2008 DC
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 40 total points
ID: 35043113
Did you try setting the burflags on the 2008 server as per the article to D4?
0
 

Author Comment

by:harispm
ID: 35043220
I am afraid to apply D4 , First You please check dcdaig on 2008 DC , I removed DNS from 2008 and pointed DC 2003 DNS server IN NIC , IF I stop 2003 DC before removal for DNS server , Exchange server 2010 will not work, So 2008 dc is stil not functional

         ......................... TTCO-1 passed test FrsEvent
      Starting test: DFSREvent
         ......................... TTCO-1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... TTCO-1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... TTCO-1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... TTCO-1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... TTCO-1 passed test MachineAccount
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=DomainDnsZones,DC=TTEMAIL,DC=COM
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=ForestDnsZones,DC=TTEMAIL,DC=COM
         ......................... TTCO-1 failed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\TTCO-1\netlogon)
         [TTCO-1] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... TTCO-1 failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... TTCO-1 passed test ObjectsReplicated
      Starting test: Replications
         ......................... TTCO-1 passed test Replications
      Starting test: RidManager
         ......................... TTCO-1 passed test RidManager
      Starting test: Services
         ......................... TTCO-1 passed test Services
      Starting test: SystemLog
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 03/05/2011   14:05:30
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 03/05/2011   14:06:03
            Event String:
            Name resolution for the name _ldap._tcp.Default-First-Site-Name._sit
es.dc._msdcs.TTEMAIL.COM timed out after none of the configured DNS servers resp
onded.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:06:05
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 03/05/2011   14:06:19
            Event String:
            Name resolution for the name TTEMAIL.COM timed out after none of the
 configured DNS servers responded.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:06:32
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         A warning event occurred.  EventID: 0x0000000C
            Time Generated: 03/05/2011   14:06:53
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:06:59
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:07:26
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:07:53
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:08:20
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:08:36
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:08:47
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 03/05/2011   14:09:06
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/TTCO-1.
TTEMAIL.COM; WSMAN/TTCO-1.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:09:08
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:09:08
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:09:14
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:09:41
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:10:08
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 03/05/2011   14:10:35
            Event String:
            The DFS Namespace service could not initialize cross forest trust in
formation on this domain controller, but it will periodically retry the operatio
n. The return code is in the record data.
         An error event occurred.  EventID: 0x00000469
            Time Generated: 03/05/2011   14:10:59
            Event String:
            The processing of Group Policy failed because of lack of network con
nectivity to a domain controller. This may be a transient condition. A success m
essage would be generated once the machine gets connected to the domain controll
er and Group Policy has succesfully processed. If you do not see a success messa
ge for several hours, then contact your administrator.
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 03/05/2011   14:11:33
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'TTEMAIL.COM.' failed.  These records are used by other compu
ters to locate this server as a domain controller (if the specified domain is an
 Active Directory domain) or as an LDAP server (if the specified domain is an ap
plication partition).
         An error event occurred.  EventID: 0x0000168E
            Time Generated: 03/05/2011   14:12:01
            Event String:
            The dynamic registration of the DNS record '_ldap._tcp.21612dfe-5c7c
-438a-b470-f946035d5089.domains._msdcs.TTEMAIL.COM. 600 IN SRV 0 100 389 TTCO-1.
TTEMAIL.COM.' failed on the following DNS server:
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 03/05/2011   14:12:01
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'TTEMAIL.COM.' failed.  These records are used by other compu
ters to locate this server as a domain controller (if the specified domain is an
 Active Directory domain) or as an LDAP server (if the specified domain is an ap
plication partition).
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 03/05/2011   14:12:01
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'ForestDnsZones.TTEMAIL.COM.' failed.  These records are used
 by other computers to locate this server as a domain controller (if the specifi
ed domain is an Active Directory domain) or as an LDAP server (if the specified
domain is an application partition).
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 03/05/2011   14:12:01
            Event String:
            Dynamic registration or deletion of one or more DNS records associat
ed with DNS domain 'DomainDnsZones.TTEMAIL.COM.' failed.  These records are used
 by other computers to locate this server as a domain controller (if the specifi
ed domain is an Active Directory domain) or as an LDAP server (if the specified
domain is an application partition).
         An error event occurred.  EventID: 0xC000042B
            Time Generated: 03/05/2011   14:12:04
            Event String:
            The terminal server cannot register 'TERMSRV' Service Principal Name
 to be used for server authentication. The following error occured: Insufficient
 access rights to perform the operation.
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 03/05/2011   14:34:54
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:35:45
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC000042B
            Time Generated: 03/05/2011   14:35:49
            Event String:
            The terminal server cannot register 'TERMSRV' Service Principal Name
 to be used for server authentication. The following error occured: Insufficient
 access rights to perform the operation.
         A warning event occurred.  EventID: 0x0000000C
            Time Generated: 03/05/2011   14:36:04
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:36:28
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   14:36:28
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 03/05/2011   14:37:50
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/TTCO-1.
TTEMAIL.COM; WSMAN/TTCO-1.
         ......................... TTCO-1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... TTCO-1 passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : TTEMAIL
      Starting test: CheckSDRefDom
         ......................... TTEMAIL passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... TTEMAIL passed test CrossRefValidation

   Running enterprise tests on : TTEMAIL.COM
      Starting test: LocatorCheck
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
         1355
         A Good Time Server could not be located.
         ......................... TTEMAIL.COM failed test LocatorCheck
      Starting test: Intersite
         ......................... TTEMAIL.COM passed test Intersite

C:\Users\administrator.TTEMAIL>

0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35043414
Please apply D4 to the 2008 server
0
 

Author Comment

by:harispm
ID: 35043624
D4 is applied , Now many errors Disappeared , But netlogon Share is not accessible , DCDiag is shown
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.TTEMAIL>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = TTCO-1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Dammam\TTCO-1
      Starting test: Connectivity
         ......................... TTCO-1 passed test Connectivity

Doing primary tests

   Testing server: Dammam\TTCO-1
      Starting test: Advertising
         ......................... TTCO-1 passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... TTCO-1 passed test FrsEvent
      Starting test: DFSREvent
         ......................... TTCO-1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... TTCO-1 passed test SysVolCheck
      Starting test: KccEvent
         ......................... TTCO-1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... TTCO-1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... TTCO-1 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... TTCO-1 passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\TTCO-1\netlogon)
         [TTCO-1] An net use or LsaPolicy operation failed with error 67,
         The network name cannot be found..
         ......................... TTCO-1 failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... TTCO-1 passed test ObjectsReplicated
      Starting test: Replications
         ......................... TTCO-1 passed test Replications
      Starting test: RidManager
         ......................... TTCO-1 passed test RidManager
      Starting test: Services
         ......................... TTCO-1 passed test Services
      Starting test: SystemLog
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 03/05/2011   16:27:18
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate
 to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
 or enroll for a new KDC certificate.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:27:50
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC000042B
            Time Generated: 03/05/2011   16:27:56
            Event String:
            The terminal server cannot register 'TERMSRV' Service Principal Name
 to be used for server authentication. The following error occured: Insufficient
 access rights to perform the operation.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:28:02
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:28:02
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:28:35
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:28:35
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 03/05/2011   16:29:57
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/TTCO-1.
TTEMAIL.COM; WSMAN/TTCO-1.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:36:39
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:37:53
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:37:53
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:53:04
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   16:53:04
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   17:09:22
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   17:09:22
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0x00000457
            Time Generated: 03/05/2011   17:23:38
            Event String:
            Driver Adobe PDF Converter required for printer Adobe PDF is unknown
. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 03/05/2011   17:23:43
            Event String:
            Driver Send To Microsoft OneNote Driver required for printer Send To
 OneNote 2007 is unknown. Contact the administrator to install the driver before
 you log in again.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   17:24:27
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   17:24:27
            Event String:
            The application-specific permission settings do not grant Local Laun
ch permission for the COM Server application with CLSID
         An error event occurred.  EventID: 0x0000164A
            Time Generated: 03/05/2011   17:25:32
            Event String:
            The Netlogon service could not create server share C:\Windows\SYSVOL
\sysvol\TTEMAIL.COM\SCRIPTS.  The following error occurred:
         ......................... TTCO-1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... TTCO-1 passed test VerifyReferences


   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : TTEMAIL
      Starting test: CheckSDRefDom
         ......................... TTEMAIL passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... TTEMAIL passed test CrossRefValidation

   Running enterprise tests on : TTEMAIL.COM
      Starting test: LocatorCheck
         ......................... TTEMAIL.COM passed test LocatorCheck
      Starting test: Intersite
         ......................... TTEMAIL.COM passed test Intersite

C:\Users\administrator.TTEMAIL>
0
 

Author Comment

by:harispm
ID: 35043650
After moved the PDC and RID role Dcdiag is giving time error, How to solve

\sysvol\TTEMAIL.COM\SCRIPTS.  The following error occurred:
         A warning event occurred.  EventID: 0x0000000C
            Time Generated: 03/05/2011   17:31:44
            Event String:
            Time Provider NtpClient: This machine is configured to use the domai
n hierarchy to determine its time source, but it is the AD PDC emulator for the
domain at the root of the forest, so there is no machine above it in the domain
hierarchy to use as a time source. It is recommended that you either configure a
 reliable time service in the root domain, or manually configure the AD PDC to s
ynchronize with an external time source. Otherwise, this machine will function a
s the authoritative time source in the domain hierarchy. If an external time sou
rce is not configured or used for this computer, you may choose to disable the N
tpClient.
         ......................... TTCO-1 failed test SystemLog
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35044053
It can take acetone for it to fix itself.
0
 

Author Comment

by:harispm
ID: 35044147
Still I cannot Edit Group policy, Time problem is fixed, but Dcdiag reports Sysvol Replication with warning

Starting test: FrsEvent
   There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication problems may cause
   Group Policy problems.
   ......................... TTCO-1 passed test FrsEvent

            The processing of Group Policy failed. Windows attempted to read the file \\TTEMAIL.COM\sysvol\TTEMAIL.COM\Policies\{31B2F340-016D-11D2-94
5F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This
issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 03/05/2011   18:45:33

netlogon share is not accessible still
0
 

Author Comment

by:harispm
ID: 35054033
The processing of Group Policy failed. Windows attempted to read the file \\TTEMAIL.COM\sysvol\TTEMAIL.COM\Policies\{31B2F340-016D-11D2-9
84F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This

netlogon Share is not created ,  ad 2003 group policies s not replicated to new 2008 DC Scripts Directory
Waiting for your response
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 74

Expert Comment

by:Glen Knight
ID: 35054114
Can you post an IPCONFIG /ALL from noth servers please?
0
 

Author Comment

by:harispm
ID: 35054216

2008- DC

C:\Users\administrator.TTEMAIL>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : TTCO-1
   Primary Dns Suffix  . . . . . . . : TTEMAIL.COM
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : TTEMAIL.COM

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC382i DP Multifunction Gigabit Server Adapter #3
   Physical Address. . . . . . . . . : 68-B5-99-6D-64-3E
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.254
   DNS Servers . . . . . . . . . . . : 10.0.0.202
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0EA6482A-A051-4871-AD40-12F8DE5DE743}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\administrator.TTEMAIL>

2003 DC
 
C:\>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : tesco-serv
   Primary Dns Suffix  . . . . . . . : TTEMAIL.COM
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : TTEMAIL.COM

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad
apter
   Physical Address. . . . . . . . . : 00-21-5A-A8-4F-7C
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.0.0.202
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.254
   DNS Servers . . . . . . . . . . . : 10.0.0.202
   Primary WINS Server . . . . . . . : 10.0.0.202

C:\>


0
 

Author Comment

by:harispm
ID: 35056377
Waiting for your response
0
 

Author Comment

by:harispm
ID: 35058752
please note this ,

Ad 2003 is   windows 2003 enterprise SP2
AD 2008 is windows 2008 r2 Standard

0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35058901
Can you restart both servers please?
0
 

Author Comment

by:harispm
ID: 35059509
I restarted servers ,  Stil netlogon is missing

Scripts and Policies directories  are  missing in     Sysvol/TTEMAIL.com  

please advice the solutions

0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35059518
Which server doesn't have the NETLOGON share?
0
 

Author Comment

by:harispm
ID: 35065841
AD 2008 ,  Windows 2008 STD R2
0
 

Author Comment

by:harispm
ID: 35069591
I found the problem
FRS primary member was orphaned DC , I removed the replcia set from AD users and computers, and deleted teh computer account,  Now My question is how to tranfer the FRS  primary memebrship to Existing 2003 DC or 2008 DC
0
 

Assisted Solution

by:harispm
harispm earned 0 total points
ID: 35079635
Solved the problem
Removed the DC 2008 in AD 2003 network
Removed Orphaned FRS member ( no longer in existing network ) ,Apply Enable journal wrap automatic restore and it took long time  
Applied D4
SYSVOL share automatially created , Restarted server netlogon also created,  
Installed Addtional DC 2008 m Sysvol and netlogon apperated, group policy, and all are working fine
0
 

Author Closing Comment

by:harispm
ID: 35120756
FRS primary member was carshed DC ,
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

I have put this article together as i needed to get all the information that might be available already into one general document that could be referenced once without searching the Internet for the different pieces. I have had a few issues where…
Microsoft has released remote PowerShell capabilities to all commercial Office 365 customers. So you can be controlled via PowerShell and not from the Office 365 admin center Download Windows PowerShell Module for Lync Online http://www.micros…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now