Solved

FrsEvent dcdiag server 2008

Posted on 2014-12-22
10
236 Views
Last Modified: 2015-01-11
dcdiag report below, how do i fix Frsevent ? it failed.


Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = FWBCH-SRV

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\FWBCH-SRV

      Starting test: Connectivity

         ......................... FWBCH-SRV passed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\FWBCH-SRV

      Starting test: Advertising

         ......................... FWBCH-SRV passed test Advertising

      Starting test: FrsEvent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.
         ......................... FWBCH-SRV failed test FrsEvent

      Starting test: DFSREvent

         ......................... FWBCH-SRV passed test DFSREvent

      Starting test: SysVolCheck

         ......................... FWBCH-SRV passed test SysVolCheck

      Starting test: KccEvent

         ......................... FWBCH-SRV passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... FWBCH-SRV passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... FWBCH-SRV passed test MachineAccount

      Starting test: NCSecDesc

         ......................... FWBCH-SRV passed test NCSecDesc

      Starting test: NetLogons

         ......................... FWBCH-SRV passed test NetLogons

      Starting test: ObjectsReplicated

         ......................... FWBCH-SRV passed test ObjectsReplicated

      Starting test: Replications

         ......................... FWBCH-SRV passed test Replications

      Starting test: RidManager

         ......................... FWBCH-SRV passed test RidManager

      Starting test: Services

         ......................... FWBCH-SRV passed test Services

      Starting test: SystemLog

         

      Starting test: VerifyReferences

         ......................... FWBCH-SRV passed test VerifyReferences

   
   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : fwbch

      Starting test: CheckSDRefDom

         ......................... fwbch passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... fwbch passed test CrossRefValidation

   
   Running enterprise tests on : fwbch.local

      Starting test: LocatorCheck

         ......................... fwbch.local passed test LocatorCheck

      Starting test: Intersite

         ......................... fwbch.local passed test Intersite
0
Comment
Question by:wjl3698
  • 5
  • 3
  • 2
10 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40513223
was the server rebooted in the last 24 hours?
if so, i would ignore it; usually happens during the reboot process as some services might come up before others and throw warnings but then stops once it's running
0
 

Author Comment

by:wjl3698
ID: 40513229
The server has been running for 3 days. net share i can see netlogon share and  SYSVOL.
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40513237
can you find the event log entry?
0
 

Author Comment

by:wjl3698
ID: 40513241
i cleared all system logs and reran dcdiag and still getting this error.
0
 

Accepted Solution

by:
wjl3698 earned 0 total points
ID: 40513273
i cleared DFS replication event logs and file replication service logs and reran dcdiag and it is now cleared up. so which log does Frsevent test use? because i would need to fix the errors in those logs so it doesn't keep on happening.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 4

Expert Comment

by:Vishalnarse
ID: 40513498
Hi

make sure that you can ping between the DCs with ip address, computer name and FQDN. Also make sure that no firewall is blocking AD replication traffic.

On the new DCs check also that the sysvol and netlogon folder exist and you can access them.

Did you wait after adprep commands, that remote sites have got all updates before promoting the new DCs?

Check in AD sites and services, that all DCs are listed and that the sites are using the correct subnet and that the replication topology is created either automatically or done manual for your needs.

Did you use latest SP/patches on the servers?

To stop the OutboundSecureChannels errors, use /skip:outboundsecurechannels. The tests are not valid and can be instead tested with NETDOM.EXE and NLTEST.EXE.
0
 

Author Comment

by:wjl3698
ID: 40513597
ping between the DCs?, i only have one DC. with 30 computers. with DNS/AD Roles.
sysvol and netlogon folder does  exist on net share command and can access them.

i'm not promoting any DCs. single DC with this issue.
i'm not promoting any DC. and current DC has all updates.
all DCs are listed, only one because i only have one.
0
 
LVL 4

Expert Comment

by:Vishalnarse
ID: 40515180
Hi,

Open command prompt and run "net share" on each DC to confirm the SYSVOL and NETLOGON shares are available.

Run "repadmin /replsum" and "ipconfig /all" of problem DC and post the result.

Ensure the following on each DC:

Each DC / DNS server points to its private IP address as primary DNS server and other internal/remote DNS servers as secondary DNS in TCP/IP property.
Each DC has just one IP address, if multiple NICs are present, disable unused NICs. Active NIC should be on top in NIC bind order.
Once you are done with above, open command prompt and run "ipconfig /flushdns & ipconfig /registerdns", restart DNS server and NETLOGON service on each DC.

Dcdiag fails for NCSecDesc test :
If you have not run adprep/rodcprep, Dcdiag.exe will return an error when it runs the NCSecDesc test. If you do not plan to add an RODC to the forest, you can disregard this error. If you plan to add an RODC to the forest, you must run adprep /rodcprep.
http://support.microsoft.com/kb/967482

DCDIAG another error message regarding the Group Policy :
"The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description."
As per Microsoft:

"This problem occurs on new 2008 DC in to a 2003 domain because the version number of the KRBTGT account increases when you perform an authoritative restoration. The KRBTGT account is a service account that is used by the Kerberos Key Distribution Center (KDC) service".

See KB939820 for a hotfix applicable to Microsoft Windows Server 2003 : http://support.microsoft.com/kb/939820

Reference: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/3fdc100f-16cb-4d4d-b1ca-4ce00bc7bbcc/

Refer to http://support.microsoft.com/kb/272279
You might want to also use any of the NTFRS troubleshooting utilities - http://www.microsoft.com/windowsserver2003/technologies/storage/dfs/tshootfrs.mspx

Regards,
0
 
LVL 4

Expert Comment

by:Vishalnarse
ID: 40515205
Hello,

SYSVOL share has become corrupt and you need to pull a new copy from the other DCs.
Browse on every DC to  \\domain.local\sysvol\domain.local\Policies one of them should have policies missing.
After you found problematic server log on to it and open up regedit.

1. Browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters
2. Create new DWORD value "Enable Journal Wrap Automatic Restore" and set it to 1
3. Stop/start the ntfrs service (net stop/start ntfrs)
4. Note the entries in the FRS log. (13560, 13520)
5. Change the value "Enable Journal Wrap Automatic Restore" to 0
6. Wait for replication to complete (13553, 13554)
7. Note success (13516 - no longer preventing from becoming DC)
8. Note other servers are now seeing event ID 13509 (NtFrs once again has connection)

Regards,
0
 

Author Closing Comment

by:wjl3698
ID: 40542853
i did this and fixed my alert.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now