Cannot login to Windows 2003 BDC
Cannot loging to Windows 2003 server PDC
Cannot see anything in logs but upon boot it complains about services not starting.
When I try to login to the windows 2003 server BDC, it won't let me login either
Does the BDC authenticate locally?
Have tried several usernames/ passwords
Cannot see anything in logs but upon boot it complains about services not starting.
When I try to login to the windows 2003 server BDC, it won't let me login either
Does the BDC authenticate locally?
Have tried several usernames/ passwords
They are both equal (no BDCs since NT) but I know what you are saying DC1 holds all your FSMOs.
If the DCs have been healthy and replicating then everything on DC1 should be the same on DC2 so they both hold full writable copies of AD
Can you get in via DSRM mode (f8 at boot up)
Thanks
Mike
If the DCs have been healthy and replicating then everything on DC1 should be the same on DC2 so they both hold full writable copies of AD
Can you get in via DSRM mode (f8 at boot up)
Thanks
Mike
ASKER
Yes, I can get into both Dcs via DSRM
But once there I'm not clear how I can fix the issue?
I honestly don't believe it's a username or password issue as I log in every day and logged in fin just last night
But once there I'm not clear how I can fix the issue?
I honestly don't believe it's a username or password issue as I log in every day and logged in fin just last night
ASKER
Also, all logins on netword are failing so DC is definitely sick
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
On the active DC there are indeed replication errors
2092: This server is the owner of the following FSMO role but does not consider it valid. For the partition which contains FMSO this server has not replicated successfully with any of its partners since the server has been restarted. Replication error are preventing validation of this role
Operation which require contacting FSMO operation ,master will fail until this condition is corrected
(Above one repeated)
2089: The directory partition has not been backed up since at last the number of following days
<details of domain>
Backup latency interval (days): 30
2092: This server is the owner of the following FSMO role but does not consider it valid. For the partition which contains FMSO this server has not replicated successfully with any of its partners since the server has been restarted. Replication error are preventing validation of this role
Operation which require contacting FSMO operation ,master will fail until this condition is corrected
(Above one repeated)
2089: The directory partition has not been backed up since at last the number of following days
<details of domain>
Backup latency interval (days): 30
ASKER
There there is an error
1229
System Monitor was unable to open Active Directory performance counters. An attempt to open shared memory failed
Error value: 2
The system cannot find the specified file
Could this be related to the Exchange 2007 uninstall?
1229
System Monitor was unable to open Active Directory performance counters. An attempt to open shared memory failed
Error value: 2
The system cannot find the specified file
Could this be related to the Exchange 2007 uninstall?
Any 4015 or 4013 DNS errors Can you post dcdiag output.
Thanks
Mike
Thanks
Mike
ASKER
On the other DC (what I can the BDC) there is an error
2087
Active directory could not resolve the following DNS host name of the source domain controller to an ip address
THis error prevents .... changes replicating
Source domain DC: XXX
Failing host name: YYY
I can pink XXX from this machine and the ip address resolves
I am not clear on the meaining of YYY
2087
Active directory could not resolve the following DNS host name of the source domain controller to an ip address
THis error prevents .... changes replicating
Source domain DC: XXX
Failing host name: YYY
I can pink XXX from this machine and the ip address resolves
I am not clear on the meaining of YYY
ASKER
I am not familiar with DCDiag
I can only wind a windows 2000 version to download off MS site?
Will this run in DSRM?
I can only wind a windows 2000 version to download off MS site?
Will this run in DSRM?
ASKER
I have found version for Windows 2003 Server - will download
But can it run in DSRM?
But can it run in DSRM?
ASKER
When I try to install in DSRM it says:
The system administrator has set policies to prevent this installation
The system administrator has set policies to prevent this installation
check your DNS server settings
ASKER
I have and I cn't see anything wrong
ASKER
Actually, all the zones have disappeared
I can see error 4007
The DNS server was unable to open zone xxx in the active directory
I can see error 4007
The DNS server was unable to open zone xxx in the active directory
ASKER
OK, what I want to do now is seize the FMSO roles on the non active DC but I can only log into it in DSRM because the tomestone setting has been exceeded
Is there a way to do this or should I just change the tomstone setting so it thinks it is OK?
Is there a way to do this or should I just change the tomstone setting so it thinks it is OK?
ASKER
There were replication problems but I had to sort out the causes
In the case of wrong password, you could reset the domain admin password.
Check this out:
http://www.petri.co.il/reset_domain_admin_password_in_windows_server_2003_ad.htm