Everything you need to know about backup and disaster recovery with AWS, for FREE!
Course Of The Month
5 days, 19 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
SBS 2011 Problems after migration
Posted on 2011-09-19
We have a SBS 2011 box that was migrated from SBS 2003. The SBS 2003 box has been demoted and removed from the network, however there are lingering problems with Active Directory. In the Application log under File Replication Service I see this error:
Apparently the initial sync never finished. I manually created the SYSVOL and NETLOGON shares in the appropriate directories but that doesn't seem to have helped, and they disappear after rebooting. I also receive the following error ocasionally when trying to open Active Directory Users & Computers:
This occurs sometimes and other times ADUC can open.
Here are the results from dcdiag
File Replication Service is scanning the data in the system volume. Computer xxx cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL.
To check for the SYSVOL share, at the command prompt, type:
net share
When File Replication Service completes the scanning process, the SYSVOL share will appear.
The initialization of the system volume can take some time. The time is dependent on the amount of data in the system volume.
Apparently the initial sync never finished. I manually created the SYSVOL and NETLOGON shares in the appropriate directories but that doesn't seem to have helped, and they disappear after rebooting. I also receive the following error ocasionally when trying to open Active Directory Users & Computers:
Naming Information Cannot Be Located because:
The specified domain either does not exist or could not be contacted.
Contact your system administrator to verify that your domain is properly configured and is currently online.
This occurs sometimes and other times ADUC can open.
Here are the results from dcdiag
Performing initial setup:
Trying to find home server...
Home Server = SERVER
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Advertising
Fatal Error:DsGetDcName (SERVER) call failed, error 1355
The Locator could not find the server.
......................... SERVER failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
Group Policy problems. Failing SYSVOL replication problems may cause
......................... SERVER passed test FrsEvent
Starting test: DFSREvent
......................... SERVER passed test DFSREvent
Starting test: SysVolCheck
......................... SERVER passed test SysVolCheck
Starting test: KccEvent
An error event occurred. EventID: 0xC0000466
Time Generated: 09/19/2011 14:25:42
Event String:
Active Directory Domain Services was unable to establish a connection with the global catalog.
......................... SERVER failed test KccEvent
Starting test: KnowsOfRoleHolders
Starting test: MachineAccountSERVER passed test KnowsOfRoleHolders
......................... SERVER passed test MachineAccount
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=ForestDnsZones,DC=office,DC=domain,DC=org
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes In Filtered Set
access rights for the naming context:
DC=DomainDnsZones,DC=office,DC=domain,DC=org
......................... SERVER failed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\SERVER\netlogon)
[SERVER] An net use or LsaPolicy operation failed with error
67, The network name cannot be found..
......................... SERVER failed test NetLogons
Starting test: ObjectsReplicated
......................... SERVER passed test ObjectsReplicated
Starting test: Replications
......................... SERVER passed test Replications
Starting test: RidManager
......................... SERVER passed test RidManager
Starting test: Services
......................... SERVER passed test Services
Starting test: SystemLog
......................... SERVER failed test SystemLog
Starting test: VerifyReferences
......................... SERVER passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
Running partition tests on : office
Starting test: CheckSDRefDom
......................... office passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... office passed test CrossRefValidation
Running enterprise tests on : office.domain.org
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... office.domain.org failed test
LocatorCheck
Starting test: Intersite
......................... office.domain.org passed test
Intersite
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
5 Comments
Any help would be greatly appreciated. The next step is going to be to backup the data, format the new server and create a new domain.
Here is what AD Sites and Services says when trying to open:
Here are some various errors from the event log
GroupPolicy, Event ID: 1054
ADWS, Event ID: 1206
ActiveDirectory_DomainServ
DNS-Server-Service, Event ID: 4015
Here is what AD Sites and Services says when trying to open:
The configuration information describing this enterprise is not available.
The specified domain either does not exist or could not be contacted.
Here are some various errors from the event log
GroupPolicy, Event ID: 1054
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
ADWS, Event ID: 1206
Active Directory Web Services was unable to determine if the computer is a global catalog server.
ActiveDirectory_DomainServ
Active Directory Domain Services was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200e25
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
DNS-Server-Service, Event ID: 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Active 2 days ago
For the error about the lack of Global Catalog, please refer to the following link:
http://onlinehelp.microsoft.com/en-us/sbs2011essentials/gg186129.aspx
Once rebooted - see if the other errors are appearing.
Alan
http://onlinehelp.microsoft.com/en-us/sbs2011essentials/gg186129.aspx
Once rebooted - see if the other errors are appearing.
Alan
These are some serious issues, about rebuilding the SYSVOL please follow this article: http://support.microsoft.com/kb/315457
Once done this might resolve some other issues.
please note that if there is some information under the SYSVOL folder make sure you make a backup or copy of these folders, you might use this to restore some script and group policy information.
Also make sure that your server is using itself as primary DNS server and not any other, this could give all kind of problems
Once done this might resolve some other issues.
please note that if there is some information under the SYSVOL folder make sure you make a backup or copy of these folders, you might use this to restore some script and group policy information.
Also make sure that your server is using itself as primary DNS server and not any other, this could give all kind of problems
I have tried all of these suggestions and no help. I think I am going to be forced to format and start over...
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard.
The answer to the question is relativ…
Know what services you can and cannot, should and should not combine on your server.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface.
Change Cu…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special.
It's completely agentless, but does let you create an agent, if you desire.
It offers powerful scalability …
Suggested Courses
Course of the Month5 days, 19 hours left to enroll
705 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.