wsc-it
asked on
DHCP wont work on 2008 r2
hey guys installed a new vm for testiing, server 2008 r2
ran dcpromo and installed it as a DC, i then configured DHCP and authorized it
Problem is the ipv4 top level icon has a red error icon in it, and wont fish out IPs
the log keeps repeating with erros saying the following
"The DHCP service failed to see a directory server for authorization"
I tried a few things, like checking the credentials in the dhcp settings, removing and reinstalling the role etc.
If its too hard ill just make a new VM and trash this one!, hopin to fix it easy but as ive already configured a bit of of!
ran dcpromo and installed it as a DC, i then configured DHCP and authorized it
Problem is the ipv4 top level icon has a red error icon in it, and wont fish out IPs
the log keeps repeating with erros saying the following
"The DHCP service failed to see a directory server for authorization"
I tried a few things, like checking the credentials in the dhcp settings, removing and reinstalling the role etc.
If its too hard ill just make a new VM and trash this one!, hopin to fix it easy but as ive already configured a bit of of!
Any Event Id? Please....
Did you restart the DHCP Service? If that fails, is the DC otherwise healthy? You can start checking by running NETDIAG and DCDIAG from the support tools.
1) Did you tried to deathorize and reauthorize?
2) Please check DNS configuration if DC is available in ping dc.somewhat.local and responds
3) any 3rdparty/MS firewall active on interface? Are the rules to exclude DNS traffic and DHCP traffic included?
Did you restart the DHCP Service? If that fails, is the DC otherwise healthy? You can start checking by running NETDIAG and DCDIAG from the support tools.
1) Did you tried to deathorize and reauthorize?
2) Please check DNS configuration if DC is available in ping dc.somewhat.local and responds
3) any 3rdparty/MS firewall active on interface? Are the rules to exclude DNS traffic and DHCP traffic included?
Do you have an other instance of DHCP running on your network (router, firewall, ...)
If you have another DHCP service running then you will not be able to start the SBS DHCP service.
If you have another DHCP service running then you will not be able to start the SBS DHCP service.
Just checking. Are you authorizing the DHCP server with a user as a member of the Enterprise Admins security group?
ASKER
Here is the dcdiag /c
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC 1
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC 1
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: CheckSecurityError
[DC1] DsReplicaGetInfo(KCC_DS_CO NNECT_FAIL URES) failed with error
8453,
[DC1] Unable to query the list of KCC connection failures.
Continuing...
[DC1] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC1 passed test CheckSecurityError
Starting test: CutoffServers
......................... DC1 passed test CutoffServers
Starting test: FrsEvent
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: FrsSysVol
......................... DC1 passed test FrsSysVol
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
[DC1] User credentials does not have permission to perform this
operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... DC1 failed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... DC1 passed test OutboundSecureChannels
Starting test: Replications
[Replications Check,DC1] DsReplicaGetInfo(PENDING_O PS, NULL) failed,
error 0x2105 "Replication access was denied."
......................... DC1 failed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
Could not open NTDS Service on DC1, error 0x5 "Access is denied."
......................... DC1 failed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000423
Time Generated: 03/30/2012 09:35:44
Event String:
The DHCP service failed to see a directory server for authorization.
......................... DC1 failed test SystemLog
Starting test: Topology
......................... DC1 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... DC1 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Starting test: VerifyReplicas
......................... DC1 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DC1 failed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : wsctest
Starting test: CheckSDRefDom
......................... wsctest passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... wsctest passed test CrossRefValidation
Running enterprise tests on : wsctest.local
Starting test: DNS
Test results for domain controllers:
DC: dc1.wsctest.local
Domain: wsctest.local
TEST: Basic (Basc)
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)
dc1 PASS WARN n/a n/a n/a n/a n/a
......................... wsctest.local passed test DNS
Starting test: LocatorCheck
......................... wsctest.local passed test LocatorCheck
Starting test: FsmoCheck
......................... wsctest.local passed test FsmoCheck
Starting test: Intersite
......................... wsctest.local passed test Intersite
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc1
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: CheckSecurityError
[DC1] DsReplicaGetInfo(KCC_DS_CO
8453,
[DC1] Unable to query the list of KCC connection failures.
Continuing...
[DC1] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... DC1 passed test CheckSecurityError
Starting test: CutoffServers
......................... DC1 passed test CutoffServers
Starting test: FrsEvent
......................... DC1 passed test FrsEvent
Starting test: DFSREvent
......................... DC1 passed test DFSREvent
Starting test: SysVolCheck
......................... DC1 passed test SysVolCheck
Starting test: FrsSysVol
......................... DC1 passed test FrsSysVol
Starting test: KccEvent
......................... DC1 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... DC1 passed test MachineAccount
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
[DC1] User credentials does not have permission to perform this
operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... DC1 failed test NetLogons
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test because /testdomain: was
not entered
......................... DC1 passed test OutboundSecureChannels
Starting test: Replications
[Replications Check,DC1] DsReplicaGetInfo(PENDING_O
error 0x2105 "Replication access was denied."
......................... DC1 failed test Replications
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: Services
Could not open NTDS Service on DC1, error 0x5 "Access is denied."
......................... DC1 failed test Services
Starting test: SystemLog
An error event occurred. EventID: 0x00000423
Time Generated: 03/30/2012 09:35:44
Event String:
The DHCP service failed to see a directory server for authorization.
......................... DC1 failed test SystemLog
Starting test: Topology
......................... DC1 passed test Topology
Starting test: VerifyEnterpriseReferences
......................... DC1 passed test VerifyEnterpriseReferences
Starting test: VerifyReferences
......................... DC1 passed test VerifyReferences
Starting test: VerifyReplicas
......................... DC1 passed test VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DC1 failed test DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : wsctest
Starting test: CheckSDRefDom
......................... wsctest passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... wsctest passed test CrossRefValidation
Running enterprise tests on : wsctest.local
Starting test: DNS
Test results for domain controllers:
DC: dc1.wsctest.local
Domain: wsctest.local
TEST: Basic (Basc)
Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)
dc1 PASS WARN n/a n/a n/a n/a n/a
......................... wsctest.local passed test DNS
Starting test: LocatorCheck
......................... wsctest.local passed test LocatorCheck
Starting test: FsmoCheck
......................... wsctest.local passed test FsmoCheck
Starting test: Intersite
......................... wsctest.local passed test Intersite
ASKER
drkansari,
The eventid is 1059
Yes ive tried restarting. Above post is the DCDIAG, Few errors in it, NETDIAG does not run, u nrecognized command.
If i ping servername.domainname.loca l it gets a reply OK
There are no third party firewalls, Its an isolated VM running on vmware workstation 8
The MS firewall is active however.
motnahp00,
Yes the administrator account is in the enterprise admins group
BxozPosted,
No, And its not SBS server its 2008 r2 enterprise
The eventid is 1059
Yes ive tried restarting. Above post is the DCDIAG, Few errors in it, NETDIAG does not run, u nrecognized command.
If i ping servername.domainname.loca
There are no third party firewalls, Its an isolated VM running on vmware workstation 8
The MS firewall is active however.
motnahp00,
Yes the administrator account is in the enterprise admins group
BxozPosted,
No, And its not SBS server its 2008 r2 enterprise
You need to run this test as an administrator.
Right-click command prompt and select "Run as Administrator"
Right-click command prompt and select "Run as Administrator"
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
resolved this myself
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/4067755e-1631-424d-9a32-f3b672c13c43/