Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ACTIVE DIRECTORY ISSUES AFTER RESTARTING EXCHANGE SERVER

Posted on 2014-04-10
6
Medium Priority
?
402 Views
Last Modified: 2014-04-21
AFTER RESTARTING SERVER FOR WINDOWS UPDATES....AD IS NOT FUNCTIONING LIKE IT SHOULD INTERMITTENT ERRORS FROM DCDIAG.....

HERE IS OUTPUT;

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Connectivity
         ......................... TMA-SERVICES passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Replications
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=ForestDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:32.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=DomainDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:31.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: CN=Schema,CN=Configuration,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:30.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         ......................... TMA-SERVICES passed test Replications
      Starting test: NCSecDesc
         ......................... TMA-SERVICES passed test NCSecDesc
      Starting test: NetLogons
         ......................... TMA-SERVICES passed test NetLogons
      Starting test: Advertising
         ......................... TMA-SERVICES passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TMA-SERVICES passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... TMA-SERVICES passed test RidManager
      Starting test: MachineAccount
         ......................... TMA-SERVICES passed test MachineAccount
      Starting test: Services
         ......................... TMA-SERVICES passed test Services
      Starting test: ObjectsReplicated
         ......................... TMA-SERVICES passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... TMA-SERVICES passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... TMA-SERVICES failed test frsevent
      Starting test: kccevent
         ......................... TMA-SERVICES passed test kccevent
      Starting test: systemlog
         ......................... TMA-SERVICES passed test systemlog
      Starting test: VerifyReferences
         ......................... TMA-SERVICES passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : toomanyamps
      Starting test: CrossRefValidation
         ......................... toomanyamps passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... toomanyamps passed test CheckSDRefDom

   Running enterprise tests on : toomanyamps.local
      Starting test: Intersite
         ......................... toomanyamps.local passed test Intersite
      Starting test: FsmoCheck
         ......................... toomanyamps.local passed test FsmoCheck
0
Comment
Question by:gleaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 

Author Comment

by:gleaver
ID: 39992629
FROM THE OTHER DC ALSO RUNS EXCHANGE;

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Connectivity
         ......................... TMA-SERVICES passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Replications
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=ForestDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:32.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=DomainDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:31.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: CN=Schema,CN=Configuration,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:30.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         ......................... TMA-SERVICES passed test Replications
      Starting test: NCSecDesc
         ......................... TMA-SERVICES passed test NCSecDesc
      Starting test: NetLogons
         ......................... TMA-SERVICES passed test NetLogons
      Starting test: Advertising
         ......................... TMA-SERVICES passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TMA-SERVICES passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... TMA-SERVICES passed test RidManager
      Starting test: MachineAccount
         ......................... TMA-SERVICES passed test MachineAccount
      Starting test: Services
         ......................... TMA-SERVICES passed test Services
      Starting test: ObjectsReplicated
         ......................... TMA-SERVICES passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... TMA-SERVICES passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... TMA-SERVICES failed test frsevent
      Starting test: kccevent
         ......................... TMA-SERVICES passed test kccevent
      Starting test: systemlog
         ......................... TMA-SERVICES passed test systemlog
      Starting test: VerifyReferences
         ......................... TMA-SERVICES passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : toomanyamps
      Starting test: CrossRefValidation
         ......................... toomanyamps passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... toomanyamps passed test CheckSDRefDom

   Running enterprise tests on : toomanyamps.local
      Starting test: Intersite
         ......................... toomanyamps.local passed test Intersite
      Starting test: FsmoCheck
         ......................... toomanyamps.local passed test FsmoCheck
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39992757
What happens if you rollback the changes/updates?  Get rid of them and DCDIAG.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 1000 total points
ID: 40000474
Your Exchange server is running on a separate server correct?

Is this the first time you are getting these errors after restart your DC?

As a test run the following commands on your DC:
net stop netlogon && net start netlogon  && ipconfig /registerdns

The rung a DCDiag again
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Accepted Solution

by:
gleaver earned 0 total points
ID: 40004701
turned out to be a bug from barracuda spam and virus add-on for exchange locked up the entire exchange store and created many errors between replicating DC's....took hours to find the culprit since it was running as intended for such a long time.....uninstalled started working within seconds
0
 

Author Comment

by:gleaver
ID: 40004703
thanks for everyone's help!!!
0
 

Author Closing Comment

by:gleaver
ID: 40012212
got it worked out on my own
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question