ahmad1467
asked on
Problems in the DCDIAG Reports
I have some concerns about my domain controller, a few days ago I took my 2003 Exchange Server out of my domain and now I am wondering if everything is ok with my Domain controller running on another Windows 2003 Server . I followed the steps to do this correctly after I did this I notice a few problems. On one of my serves in my domain is having some problems with program based services, some of the ones that were using logons stop working, then when I tried to use a different user and brows to find the user it sees the user but when I select apply I get a message that says {The specific domain ether does not exist or could not be contacted}. I ran
dcdiag /e /c > and I saw some things that I’m not sure about, is this where I would look if it were a problem with AD?
dcdiag /e /c > and I saw some things that I’m not sure about, is this where I would look if it were a problem with AD?
ASKER
This is where I first start seeing problems in the test
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC -ALLIED
Starting test: Connectivity
......................... DC-ALLIED passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC -ALLIED
Starting test: Replications
.........................
Starting test: Services
......................... DC-ALLIED passed test Services
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... DC-ALLIED passed test OutboundSecureChannels
Starting test: ObjectsReplicated
......................... DC-ALLIED passed test ObjectsReplicated
Starting test: frssysvol
......................... DC-ALLIED passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC-ALLIED failed test frsevent
Starting test: kccevent
......................... DC-ALLIED passed test kccevent
Starting test: systemlog
......................... DC-ALLIED passed test systemlog
Starting test: VerifyReplicas
......................... DC-ALLIED passed test VerifyReplicas
Starting test: VerifyReferences
......................... DC-ALLIED passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... DC-ALLIED passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
[DC-ALLIED] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC-ALLIED passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : allied
Starting test: CrossRefValidation
......................... allied passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... allied passed test CheckSDRefDom
Running enterprise tests on : allied.ad
Starting test: Intersite
......................... allied.ad passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU IRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
......................... allied.ad failed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: DC-ALLIED.allied.ad
Domain: allied.ad
TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 208.67.220.220 (<name unavailable>)
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure allied.ad.
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 208.67.220.220 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 208.67.220.220
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ ________
Domain: allied.ad
DC-ALLIED PASS PASS PASS PASS WARN PASS n/a
......................... allied.ad passed test DNS
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC-ALLIED passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC
Starting test: Replications
.........................
Starting test: Services
......................... DC-ALLIED passed test Services
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... DC-ALLIED passed test OutboundSecureChannels
Starting test: ObjectsReplicated
......................... DC-ALLIED passed test ObjectsReplicated
Starting test: frssysvol
......................... DC-ALLIED passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... DC-ALLIED failed test frsevent
Starting test: kccevent
......................... DC-ALLIED passed test kccevent
Starting test: systemlog
......................... DC-ALLIED passed test systemlog
Starting test: VerifyReplicas
......................... DC-ALLIED passed test VerifyReplicas
Starting test: VerifyReferences
......................... DC-ALLIED passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... DC-ALLIED passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
[DC-ALLIED] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC-ALLIED passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : allied
Starting test: CrossRefValidation
......................... allied passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... allied passed test CheckSDRefDom
Running enterprise tests on : allied.ad
Starting test: Intersite
......................... allied.ad passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
......................... allied.ad failed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: DC-ALLIED.allied.ad
Domain: allied.ad
TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 208.67.220.220 (<name unavailable>)
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure allied.ad.
Summary of test results for DNS servers used by the above domain controllers:
DNS server: 208.67.220.220 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 208.67.220.220
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: allied.ad
DC-ALLIED PASS PASS PASS PASS WARN PASS n/a
......................... allied.ad passed test DNS
Your Domain controller is not able to locate FMSO roles in any of the servers and there is no Global catalog server. Can you check where these roles are existing now. you can do it by running the below command:
netdom query fsmo
run the above command and check if the server holding the roles is present your network.
netdom query fsmo
run the above command and check if the server holding the roles is present your network.
ASKER
I ran netdom query fsmo from my domain controller and this is what I got
C:\>netdom query fsmo
Schema owner DC-1.abc.ad
Domain role owner DC-1.abc.ad
PDC role DC-1.abc.ad
RID pool manager DC-1.abc.ad
Infrastructure owner DC-1.abc.ad
The command completed successfully.
-------------------------- ---------- ---------- ---------- ---------- ------
DC-1 is the name of my domain controller and abc.ad is the name of my domain
I don’t see the name of the old server, also under AD users and computers I only see one server under domain controllers I only see one server.
C:\>netdom query fsmo
Schema owner DC-1.abc.ad
Domain role owner DC-1.abc.ad
PDC role DC-1.abc.ad
RID pool manager DC-1.abc.ad
Infrastructure owner DC-1.abc.ad
The command completed successfully.
--------------------------
DC-1 is the name of my domain controller and abc.ad is the name of my domain
I don’t see the name of the old server, also under AD users and computers I only see one server under domain controllers I only see one server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
DrUltima