Solved

Server 2008 r2 missing netlogin and failed test advertising

Posted on 2014-03-09
3
353 Views
Last Modified: 2014-03-10
Hello,

We have a Server 2008 r2 machine promoted to domain controller with a current server 2000 DC.

When DCDIAG is run these errors occur:

1. failed test advertising

2. NetLogin share cannot be found

3. KDC cannot find a suitable certificate

We would like to resolve the issues before moving the FSMO roles over from the 2000 server.
0
Comment
Question by:networkadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39916528
Are there firewalls between the two DCs?   Just want to make sure the proper ports are open

Start with this KB  http://support.microsoft.com/kb/947022/en-us

What events are you seeing in your logs?

Thanks

Mike
0
 

Author Comment

by:networkadmin
ID: 39916547
No Firewalls are between the servers.

The log shows this after making the change shown by the above KB:

Log Name:      System
Source:        NETLOGON
Date:          3/9/2014 6:15:17 PM
Event ID:      5706
Task Category: None
Level:         Error
Keywords:      Classic

The Netlogon service could not create server share C:\Windows\SYSVOL\sysvol\domain.local\SCRIPTS.  The following error occurred:
The system cannot find the file specified.
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39917935
if you are unable to see the sysvol share then follow and enable the share.


Set the SysvolReady Flag registry value to "0" and then back to "1" in the registry.

 Click Start, click Run, type regedit, and then click OK.
 Locate the following subkey in Registry Editor:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]

 In the details pane, right-click SysvolReady Flag, and then click Modify.
 In the Value data box, type 0 and then click OK.
 Again in the details pane, right-click SysvolReady Flag, and then click
 Modify.  In the Value data box, type 1, and then click OK.

 Then run NET SHARE and see if the SYSVOL and NETLOGON share is present.
------------------------------------

check if DNS is working fine with NSLOOKUP command.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question