Solved

ACTIVE DIRECTORY ISSUES AFTER RESTARTING EXCHANGE SERVER

Posted on 2014-04-10
6
398 Views
Last Modified: 2014-04-21
AFTER RESTARTING SERVER FOR WINDOWS UPDATES....AD IS NOT FUNCTIONING LIKE IT SHOULD INTERMITTENT ERRORS FROM DCDIAG.....

HERE IS OUTPUT;

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Connectivity
         ......................... TMA-SERVICES passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Replications
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=ForestDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:32.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=DomainDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:31.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: CN=Schema,CN=Configuration,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:30.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         ......................... TMA-SERVICES passed test Replications
      Starting test: NCSecDesc
         ......................... TMA-SERVICES passed test NCSecDesc
      Starting test: NetLogons
         ......................... TMA-SERVICES passed test NetLogons
      Starting test: Advertising
         ......................... TMA-SERVICES passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TMA-SERVICES passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... TMA-SERVICES passed test RidManager
      Starting test: MachineAccount
         ......................... TMA-SERVICES passed test MachineAccount
      Starting test: Services
         ......................... TMA-SERVICES passed test Services
      Starting test: ObjectsReplicated
         ......................... TMA-SERVICES passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... TMA-SERVICES passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... TMA-SERVICES failed test frsevent
      Starting test: kccevent
         ......................... TMA-SERVICES passed test kccevent
      Starting test: systemlog
         ......................... TMA-SERVICES passed test systemlog
      Starting test: VerifyReferences
         ......................... TMA-SERVICES passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : toomanyamps
      Starting test: CrossRefValidation
         ......................... toomanyamps passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... toomanyamps passed test CheckSDRefDom

   Running enterprise tests on : toomanyamps.local
      Starting test: Intersite
         ......................... toomanyamps.local passed test Intersite
      Starting test: FsmoCheck
         ......................... toomanyamps.local passed test FsmoCheck
0
Comment
Question by:gleaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 

Author Comment

by:gleaver
ID: 39992629
FROM THE OTHER DC ALSO RUNS EXCHANGE;

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Connectivity
         ......................... TMA-SERVICES passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\TMA-SERVICES
      Starting test: Replications
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=ForestDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:32.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: DC=DomainDnsZones,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:31.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         [Replications Check,TMA-SERVICES] A recent replication attempt failed:
            From NEWSERVICES to TMA-SERVICES
            Naming Context: CN=Schema,CN=Configuration,DC=toomanyamps,DC=local
            The replication generated an error (1908):
            Could not find the domain controller for this domain.
            The failure occurred at 2014-04-10 11:58:30.
            The last success occurred at 2014-04-10 11:46:02.
            1 failures have occurred since the last success.
            Kerberos Error.
            A KDC was not found to authenticate the call.
            Check that sufficient domain controllers are available.
         ......................... TMA-SERVICES passed test Replications
      Starting test: NCSecDesc
         ......................... TMA-SERVICES passed test NCSecDesc
      Starting test: NetLogons
         ......................... TMA-SERVICES passed test NetLogons
      Starting test: Advertising
         ......................... TMA-SERVICES passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... TMA-SERVICES passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... TMA-SERVICES passed test RidManager
      Starting test: MachineAccount
         ......................... TMA-SERVICES passed test MachineAccount
      Starting test: Services
         ......................... TMA-SERVICES passed test Services
      Starting test: ObjectsReplicated
         ......................... TMA-SERVICES passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... TMA-SERVICES passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... TMA-SERVICES failed test frsevent
      Starting test: kccevent
         ......................... TMA-SERVICES passed test kccevent
      Starting test: systemlog
         ......................... TMA-SERVICES passed test systemlog
      Starting test: VerifyReferences
         ......................... TMA-SERVICES passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : toomanyamps
      Starting test: CrossRefValidation
         ......................... toomanyamps passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... toomanyamps passed test CheckSDRefDom

   Running enterprise tests on : toomanyamps.local
      Starting test: Intersite
         ......................... toomanyamps.local passed test Intersite
      Starting test: FsmoCheck
         ......................... toomanyamps.local passed test FsmoCheck
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39992757
What happens if you rollback the changes/updates?  Get rid of them and DCDIAG.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 500 total points
ID: 40000474
Your Exchange server is running on a separate server correct?

Is this the first time you are getting these errors after restart your DC?

As a test run the following commands on your DC:
net stop netlogon && net start netlogon  && ipconfig /registerdns

The rung a DCDiag again
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Accepted Solution

by:
gleaver earned 0 total points
ID: 40004701
turned out to be a bug from barracuda spam and virus add-on for exchange locked up the entire exchange store and created many errors between replicating DC's....took hours to find the culprit since it was running as intended for such a long time.....uninstalled started working within seconds
0
 

Author Comment

by:gleaver
ID: 40004703
thanks for everyone's help!!!
0
 

Author Closing Comment

by:gleaver
ID: 40012212
got it worked out on my own
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question