Solved

Login scripts not running after Server 2003 DC server failure

Posted on 2014-08-25
Last Modified: 2014-09-12
First a little background.

I walked into the following setup:

SERVER08 - Windows 2008 R2 Std acting as PDC, GC, RID, Schema Master, Domain Naming (see ntdsutil results below)

SERVER03 - Windows 2003 Std Acting as DC, GC, RID, Infrastructure Master (not sure of all roles)

Functional level is Windows 2000.

SERVER03 had a hardware meltdown and could not be replaced. Now when users log on the logon scripts do not run and apparently roaming profiles do not work either. The correct logon scripts are located in the sysvol directory. SERVER08 appears to have all the roles except Infrastructure Master. See dcdiag below.

I have seen a couple articles about Server 2008 and seizing the Infrastructure role.  One says the GC cannot have this role, another article stated that it was possible as long as there was only 1 domain (which there is).   I would like to know if there would be any issues if I seize the Infrastructure Master role on SERVER08?

Listing the roles:
ntdsutil: roles
fsmo maintenance: connections
server connections: connect to server SERVER08
Binding to SERVER08 ...
Connected to SERVER08 using credentials of locally logged on user.
server connections: q
fsmo maintenance: select operation target
select operation target: list roles
Error parsing Input - Invalid Syntax.
select operation target: list roles for connected server
Server "SERVER08" knows about 5 roles
Schema - CN=NTDS Settings,CN=SERVER08,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=stwia,DC=local
Naming Master - CN=NTDS Settings,CN=SERVER08,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=stwia,DC=local
PDC - CN=NTDS Settings,CN=SERVER08,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=stwia,DC=local
RID - CN=NTDS Settings,CN=SERVER08,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=stwia,DC=local
Infrastructure - CN=NTDS Settings,CN=SERVER03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=stwia,DC=local
select operation target:

DCDIAG results
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.STWIA>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = SERVER08
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER08
      Starting test: Connectivity
         ......................... SERVER08 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER08
      Starting test: Advertising
         ......................... SERVER08 passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... SERVER08 failed test FrsEvent
      Starting test: DFSREvent
         ......................... SERVER08 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... SERVER08 passed test SysVolCheck
      Starting test: KccEvent
         ......................... SERVER08 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         [SERVER03] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         Warning: SERVER03 is the Infrastructure Update Owner, but is not
         responding to DS RPC Bind.
         Ldap search capabality attribute search failed on server SERVER03,
         return value = 81
         Warning: SERVER03 is the Infrastructure Update Owner, but is not
         responding to LDAP Bind.
         ......................... SERVER08 failed test
         KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... SERVER08 passed test MachineAccount
      Starting test: NCSecDesc
         ......................... SERVER08 passed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVER08 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... SERVER08 passed test ObjectsReplicated
      Starting test: Replications
         [Replications Check,SERVER08] A recent replication attempt
         failed:
            From SERVER03 to SERVER08
            Naming Context: DC=ForestDnsZones,DC=stwia,DC=local
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.

            The failure occurred at 2014-08-25 17:53:31.
            The last success occurred at 2014-07-04 05:49:16.
            1270 failures have occurred since the last success.
         [Replications Check,SERVER08] A recent replication attempt
         failed:
            From SERVER03 to SERVER08
            Naming Context: DC=DomainDnsZones,DC=stwia,DC=local
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.

            The failure occurred at 2014-08-25 17:53:31.
            The last success occurred at 2014-07-04 05:49:09.
            1270 failures have occurred since the last success.
         [Replications Check,SERVER08] A recent replication attempt
         failed:
            From SERVER03 to SERVER08
            Naming Context: CN=Schema,CN=Configuration,DC=stwia,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2014-08-25 17:54:13.
            The last success occurred at 2014-07-04 05:48:55.
            1264 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,SERVER08] A recent replication attempt
         failed:
            From SERVER03 to SERVER08
            Naming Context: CN=Configuration,DC=stwia,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2014-08-25 17:53:52.
            The last success occurred at 2014-07-04 05:48:52.
            1265 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,SERVER08] A recent replication attempt
         failed:
            From SERVER03 to SERVER08
            Naming Context: DC=stwia,DC=local
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2014-08-25 17:53:31.
            The last success occurred at 2014-07-04 06:15:28.
            1265 failures have occurred since the last success.
            The source remains down. Please check the machine.
         ......................... SERVER08 failed test Replications
      Starting test: RidManager
         ......................... SERVER08 passed test RidManager
      Starting test: Services
         ......................... SERVER08 passed test Services
      Starting test: SystemLog
         ......................... SERVER08 passed test SystemLog
      Starting test: VerifyReferences
         ......................... SERVER08 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : stwia
      Starting test: CheckSDRefDom
         ......................... stwia passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... stwia passed test CrossRefValidation

   Running enterprise tests on : stwia.local
      Starting test: LocatorCheck
         ......................... stwia.local passed test LocatorCheck
      Starting test: Intersite
         ......................... stwia.local passed test Intersite

C:\Users\administrator.STWIA>
0
Question by:laltobelli
12 Comments
 
LVL 36

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 40284679
you should seize those roles to the 2008 server

if the 2003 server is not coming back, clean it manually so the 2008 server will stop logging events about replication issues

Delete Failed DCs from Active Directory
http://www.petri.com/delete_failed_dcs_from_ad.htm

Clean Up Server Metadata
http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

if you do netdom query fsmo you can see what roles the 2003 server had and seize them on the 2008 server; no issues seizing the infra master

do the login scripts appear in the netlogon folder on the 2008 server?
where do the roaming profiles reside?
0
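An added example, not part of the original thread: a small parser for dcdiag text in the layout posted in the question, listing failed tests, role holders that do not answer, and failing replication sources, so the server to seize roles from and clean out of the directory can be read off directly. The sample input is constructed from that layout, and the function and field names are hypothetical.

```python
import re

# Constructed sample, condensed from the dcdiag layout shown in the question.
SAMPLE = """\
      Starting test: FrsEvent
         ......................... SERVER08 failed test FrsEvent
      Starting test: KnowsOfRoleHolders
         Warning: SERVER03 is the Infrastructure Update Owner, but is not
         responding to DS RPC Bind.
         ......................... SERVER08 failed test
         KnowsOfRoleHolders
      Starting test: NetLogons
         ......................... SERVER08 passed test NetLogons
      Starting test: Replications
            From SERVER03 to SERVER08
            Naming Context: DC=DomainDnsZones,DC=stwia,DC=local
            The replication generated an error (1256):
            1270 failures have occurred since the last success.
            From SERVER03 to SERVER08
            Naming Context: DC=stwia,DC=local
            The replication generated an error (1722):
            1265 failures have occurred since the last success.
         ......................... SERVER08 failed test Replications
"""

UNREACHABLE = {1256, 1722}  # the two error codes seen in the question's output

def parse_dcdiag(text):
    """Extract failed tests, silent role holders and failing replication links."""
    flat = re.sub(r"\s+", " ", text)  # undo the console's 80-column wrapping
    failed = re.findall(r"\.{5,} (\S+) failed test (\w+)", flat)
    holders = {}
    for dc, role in re.findall(r"Warning: (\S+) is the (.+?) Owner, but is not", flat):
        holders.setdefault(dc, set()).add(role)
    links = [(src, nc, int(err), int(count)) for src, nc, err, count in re.findall(
        r"From (\S+) to \S+ Naming Context: (\S+) The replication generated "
        r"an error \((\d+)\):.*?(\d+) failures have occurred", flat)]
    return {"failed_tests": failed, "silent_role_holders": holders, "failed_links": links}

def unreachable_dcs(report):
    """DCs that hold a role but do not answer, or fail as a source with an unreachable error."""
    sources = {src for src, _nc, err, _n in report["failed_links"] if err in UNREACHABLE}
    return sorted(sources | set(report["silent_role_holders"]))

if __name__ == "__main__":
    report = parse_dcdiag(SAMPLE)
    print(report["failed_tests"])
    print(unreachable_dcs(report))
```

Running it again after the role seizure and metadata cleanup should leave both lists empty once the old events age out of the 24-hour window.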
 

Author Comment

by:laltobelli
ID: 40286454
Hi Seth,

I think we're almost there.  I seized the Infrastructure role and now netdom query fsmo shows SERVER08 as having all of the roles.

However I'm still having problems with people logging in (user not recognized) and running dcdiag I still get an frsevent error:

Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... SERVER08 failed test FrsEvent

Running a gpupdate report on a workstation results in this error:

Group Policy Infrastructure failed due to the error listed below:
Logon failure: unknown user name or bad password
Note: Due to GP Core failure, none of the other Group Policy components processed their policy.  Consequently, status information for the other components is not available.
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40286478
FrsEvent could be ignored if that doesn't appear in dcdiag tomorrow
could be seeing errors, say from last night, that are within the last 24 hours it's reporting on

as far as the group policy errors go, any related errors on the domain controllers?
also, were clients using the 2003 server for DNS?  if so, has that (or dhcp scope(s) if being used) been updated to point to the 2008 server?  is the 2008 server pointing to itself for DNS?
0
 

Author Comment

by:laltobelli
ID: 40286530
DNS was running on both servers.  I removed the old server from the DNS settings, SERVER08 does point to itself.
I changed the DHCP Scope to point only to the new server.

It does not seem to be happening to all users, although not all of them have rebooted their systems either.
ipconfig /all returns SERVER08 as the DHCP and DNS server.

I'm not seeing any Group Policy errors on the server.  Server is running very clean right now, very few errors.
0
 

Author Comment

by:laltobelli
ID: 40295016
Hi Seth,

We are getting there, thanks for all your suggestions.

DCDIAG is now running without errors, but scripts still do not appear to be running and the Home Folder Connect to drive is not working either.

Any suggestions?
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40295120
going back to my original post...

do the login scripts appear in the netlogon folder on the 2008 server?
where do the roaming profiles reside?
0
 

Author Comment

by:laltobelli
ID: 40304372
Hi Seth,

Sorry about the delay in getting back to you.  The login scripts are located in the netlogon folder:

C:\Windows\SYSVOL\domain\scripts
C:\Windows\SYSVOL\sysvol\stwia.local\scripts

My mistake on the Roaming Profiles, they are not using Roaming profiles. They are using Home Folder Connect to set up a network drive, this is not working. I can go and map the drive on the individual PCs, but it is not doing it as part of the profile when the users log on.
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40304590
what kind of script? batch file? vb script?
0
 

Author Comment

by:laltobelli
ID: 40306722
Batch file (login.bat)
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40306771
try putting pause as the last line
this will prompt to press any key which will allow you to see the window before it closes in case there are any errors
0
 

Author Comment

by:laltobelli
ID: 40312073
Hi Seth,

I did this for one user and the batch file did run (without errors).  The issue seems to have cleared up.  (I was also fighting a network switch issue at the same time and that appears to be working now too, it may be that the two were related).

I am going to monitor this for another day or two, if there are no more issues I will close this question.

I appreciate the help and will give you credit for  the resolution when I close it.

Thanks,

Larry
0
 

Author Closing Comment

by:laltobelli
ID: 40319665
Thanks to Seth everything looks good right now.
0


Question has a verified solution.
