omzeyad
asked on
Failed to ping or bind to the Infrastructure Master FSMO role holder
I have this error in scom
"Failed to ping or bind to the Infrastructure Master FSMO role holder"
I searched in the internet to know this error but I didn't know what to do .
I just found a link"http://mpwiki.viacode.com/default.aspx?g=posts&t=2053" that states I should open the AD MP Events view.
I read the management pack of the active directory in this site :
http://technet.microsoft.com/en-us/library/cc180912.aspx
I found the following but that didn't help me
failed to ping or bind to the Infrastructure Master FSMO role holder
Event
Active Directory Windows 2000 and Windows Server 2003 - Active Directory Availability
Event Number equals 20007.
Event Type equals Warning.
Source Name equals AD Op Master Response.
Warning
I don't know what to do regarding this warning,it is repeated occasionally
"Failed to ping or bind to the Infrastructure Master FSMO role holder"
I searched in the internet to know this error but I didn't know what to do .
I just found a link"http://mpwiki.viacode.com/default.aspx?g=posts&t=2053" that states I should open the AD MP Events view.
I read the management pack of the active directory in this site :
http://technet.microsoft.com/en-us/library/cc180912.aspx
I found the following but that didn't help me
failed to ping or bind to the Infrastructure Master FSMO role holder
Event
Active Directory Windows 2000 and Windows Server 2003 - Active Directory Availability
Event Number equals 20007.
Event Type equals Warning.
Source Name equals AD Op Master Response.
Warning
I don't know what to do regarding this warning,it is repeated occasionally
ASKER
1) how many DC's you have
2 DC
2) os of all DC
windows server 2008 service pack 1
3) forest /domain functional level
i will check
I will upload the output of the command
2 DC
2) os of all DC
windows server 2008 service pack 1
3) forest /domain functional level
i will check
I will upload the output of the command
ASKER
domain functional level is windows server 2008 R2
forest functional level is Windows Server 2008
forest functional level is Windows Server 2008
ok,,,,
if you run below commands what is the putput, please upload santized
start>run>cmd
1)netdom /query fsmo
2)dcdiag
3)repadmin /showrepl
if you run below commands what is the putput, please upload santized
start>run>cmd
1)netdom /query fsmo
2)dcdiag
3)repadmin /showrepl
Errors
1) ......................... DC failed test NCSecDes.... You can safely ignore refer to http://support.microsoft.com/kb/967482
2) ......................... DC failed test Services........You can safely ignore refer to http://support.microsoft.com/kb/973665
with regards to your orignal post look like you have connectivity issues with DC to network.
can you upoad orignal screen shot after santiziing your domainname only?
Plz also check forewall settings of your DC.....
Take your full DC backup and check if below can help you
http://technet.microsoft.com/en-us/library/dd279743.aspx
Caution : I never tested above......
1) ......................... DC failed test NCSecDes.... You can safely ignore refer to http://support.microsoft.com/kb/967482
2) ......................... DC failed test Services........You can safely ignore refer to http://support.microsoft.com/kb/973665
with regards to your orignal post look like you have connectivity issues with DC to network.
can you upoad orignal screen shot after santiziing your domainname only?
Plz also check forewall settings of your DC.....
Take your full DC backup and check if below can help you
http://technet.microsoft.com/en-us/library/dd279743.aspx
Caution : I never tested above......
Could you please check the pther DC is not behind the firewall???
ASKER
dear usman
what do you mean by santiziing my domain name
anyway this is the screen shot of the fsmo and repadmin command
what do you mean by santiziing my domain name
anyway this is the screen shot of the fsmo and repadmin command
your FSMO holder is up and running.
you dont have any replication issues.
with regards to dcdiag i already replied you.
regards to your question plz try to trouble shot DC connectivity, i would like to know is there any firewall between two dc's?
i tried to simulate your error in my LAB this comes when a firewall preventing ICMP packets. in my case this error comes on NON FSMO HOLDER, please confirm where you see this error? on fsmo holder or non fsmo holder...
you dont have any replication issues.
with regards to dcdiag i already replied you.
regards to your question plz try to trouble shot DC connectivity, i would like to know is there any firewall between two dc's?
i tried to simulate your error in my LAB this comes when a firewall preventing ICMP packets. in my case this error comes on NON FSMO HOLDER, please confirm where you see this error? on fsmo holder or non fsmo holder...
ASKER
I appreciate your support
I will ask the infrastructure department because they are responsible for the firewall,
I think this is the case ,because this error sometimes happened not always .
the windows firewall is already closed
do you think that I must install Microsoft network monitor on the domain controller to see what happened in network ,would that affect the performance of the domain controller
I will ask the infrastructure department because they are responsible for the firewall,
I think this is the case ,because this error sometimes happened not always .
the windows firewall is already closed
do you think that I must install Microsoft network monitor on the domain controller to see what happened in network ,would that affect the performance of the domain controller
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
all I know that fortigate is used ,and all servers are located in vlan1 and workstation are located in vlan2 ,I'm sure that dc and adc are in the same vlan .no firewall between them
I think that may be the infrastructure department edit some rules and cause that error to generate ,therefore I need to install a network monitoring tool to know what happened but I'm afraid that it may affect the performance of the domain ,I can't make the monitor record all connections until a problem happened and I don't know when it will happen.
I think that may be the infrastructure department edit some rules and cause that error to generate ,therefore I need to install a network monitoring tool to know what happened but I'm afraid that it may affect the performance of the domain ,I can't make the monitor record all connections until a problem happened and I don't know when it will happen.
please provide below info
1) how many DC's you have
2) os of all DC
3) forest /domain functional level
if you run below commands what is the putput, please upload santized
start>run>cmd
1)netdom /query fsmo
2)dcdiag
3)repadmin /showrepl