FrsEvent dcdiag server 2008

dcdiag report below, how do i fix Frsevent ? it failed.


Directory Server Diagnosis


Performing initial setup:

   Trying to find home server...

   Home Server = FWBCH-SRV

   * Identified AD Forest.
   Done gathering initial info.


Doing initial required tests

   
   Testing server: Default-First-Site-Name\FWBCH-SRV

      Starting test: Connectivity

         ......................... FWBCH-SRV passed test Connectivity



Doing primary tests

   
   Testing server: Default-First-Site-Name\FWBCH-SRV

      Starting test: Advertising

         ......................... FWBCH-SRV passed test Advertising

      Starting test: FrsEvent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.
         ......................... FWBCH-SRV failed test FrsEvent

      Starting test: DFSREvent

         ......................... FWBCH-SRV passed test DFSREvent

      Starting test: SysVolCheck

         ......................... FWBCH-SRV passed test SysVolCheck

      Starting test: KccEvent

         ......................... FWBCH-SRV passed test KccEvent

      Starting test: KnowsOfRoleHolders

         ......................... FWBCH-SRV passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         ......................... FWBCH-SRV passed test MachineAccount

      Starting test: NCSecDesc

         ......................... FWBCH-SRV passed test NCSecDesc

      Starting test: NetLogons

         ......................... FWBCH-SRV passed test NetLogons

      Starting test: ObjectsReplicated

         ......................... FWBCH-SRV passed test ObjectsReplicated

      Starting test: Replications

         ......................... FWBCH-SRV passed test Replications

      Starting test: RidManager

         ......................... FWBCH-SRV passed test RidManager

      Starting test: Services

         ......................... FWBCH-SRV passed test Services

      Starting test: SystemLog

         

      Starting test: VerifyReferences

         ......................... FWBCH-SRV passed test VerifyReferences

   
   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : fwbch

      Starting test: CheckSDRefDom

         ......................... fwbch passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... fwbch passed test CrossRefValidation

   
   Running enterprise tests on : fwbch.local

      Starting test: LocatorCheck

         ......................... fwbch.local passed test LocatorCheck

      Starting test: Intersite

         ......................... fwbch.local passed test Intersite
wjl3698Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Seth SimmonsSr. Systems AdministratorCommented:
was the server rebooted in the last 24 hours?
if so, i would ignore it; usually happens during the reboot process as some services might come up before others and throw warnings but then stops once it's running
0
wjl3698Author Commented:
The server has been running for 3 days. net share i can see netlogon share and  SYSVOL.
0
Seth SimmonsSr. Systems AdministratorCommented:
can you find the event log entry?
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

wjl3698Author Commented:
i cleared all system logs and reran dcdiag and still getting this error.
0
wjl3698Author Commented:
i cleared DFS replication event logs and file replication service logs and reran dcdiag and it is now cleared up. so which log does Frsevent test use? because i would need to fix the errors in those logs so it doesn't keep on happening.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
VishalnarseSystem Wintel Administrator L2Commented:
Hi

make sure that you can ping between the DCs with ip address, computer name and FQDN. Also make sure that no firewall is blocking AD replication traffic.

On the new DCs check also that the sysvol and netlogon folder exist and you can access them.

Did you wait after adprep commands, that remote sites have got all updates before promoting the new DCs?

Check in AD sites and services, that all DCs are listed and that the sites are using the correct subnet and that the replication topology is created either automatically or done manual for your needs.

Did you use latest SP/patches on the servers?

To stop the OutboundSecureChannels errors, use /skip:outboundsecurechannels. The tests are not valid and can be instead tested with NETDOM.EXE and NLTEST.EXE.
0
wjl3698Author Commented:
ping between the DCs?, i only have one DC. with 30 computers. with DNS/AD Roles.
sysvol and netlogon folder does  exist on net share command and can access them.

i'm not promoting any DCs. single DC with this issue.
i'm not promoting any DC. and current DC has all updates.
all DCs are listed, only one because i only have one.
0
VishalnarseSystem Wintel Administrator L2Commented:
Hi,

Open command prompt and run "net share" on each DC to confirm the SYSVOL and NETLOGON shares are available.

Run "repadmin /replsum" and "ipconfig /all" of problem DC and post the result.

Ensure the following on each DC:

Each DC / DNS server points to its private IP address as primary DNS server and other internal/remote DNS servers as secondary DNS in TCP/IP property.
Each DC has just one IP address, if multiple NICs are present, disable unused NICs. Active NIC should be on top in NIC bind order.
Once you are done with above, open command prompt and run "ipconfig /flushdns & ipconfig /registerdns", restart DNS server and NETLOGON service on each DC.

Dcdiag fails for NCSecDesc test :
If you have not run adprep/rodcprep, Dcdiag.exe will return an error when it runs the NCSecDesc test. If you do not plan to add an RODC to the forest, you can disregard this error. If you plan to add an RODC to the forest, you must run adprep /rodcprep.
http://support.microsoft.com/kb/967482

DCDIAG another error message regarding the Group Policy :
"The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description."
As per Microsoft:

"This problem occurs on new 2008 DC in to a 2003 domain because the version number of the KRBTGT account increases when you perform an authoritative restoration. The KRBTGT account is a service account that is used by the Kerberos Key Distribution Center (KDC) service".

See KB939820 for a hotfix applicable to Microsoft Windows Server 2003 : http://support.microsoft.com/kb/939820

Reference: http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/3fdc100f-16cb-4d4d-b1ca-4ce00bc7bbcc/

Refer to http://support.microsoft.com/kb/272279
You might want to also use any of the NTFRS troubleshooting utilities - http://www.microsoft.com/windowsserver2003/technologies/storage/dfs/tshootfrs.mspx

Regards,
0
VishalnarseSystem Wintel Administrator L2Commented:
Hello,

SYSVOL share has become corrupt and you need to pull a new copy from the other DCs.
Browse on every DC to  \\domain.local\sysvol\domain.local\Policies one of them should have policies missing.
After you found problematic server log on to it and open up regedit.

1. Browse to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters
2. Create new DWORD value "Enable Journal Wrap Automatic Restore" and set it to 1
3. Stop/start the ntfrs service (net stop/start ntfrs)
4. Note the entries in the FRS log. (13560, 13520)
5. Change the value "Enable Journal Wrap Automatic Restore" to 0
6. Wait for replication to complete (13553, 13554)
7. Note success (13516 - no longer preventing from becoming DC)
8. Note other servers are now seeing event ID 13509 (NtFrs once again has connection)

Regards,
0
wjl3698Author Commented:
i did this and fixed my alert.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.