John Wetherall
asked on
Cannot connect to Active Directory on server 2016
Have been setting up a new server running windows 2016 server. So far all that has been added apart from the default install is Active directory and DNS. I was originally receiving event id's 404, 407 and 408 on the DNS but that appears to be resolved. Still cannot contact the DC from an external machine and the active directory is reporting event id 1202 for both DFR and ADWS. I have attached copies of the results from ipconfig /all, dcdiag and netstat. All but one of the network cards have been disabled as has IPV6 on the DC. Any help resolving this issue would be much appreciated as I'm running out of hair to pull out. :)
ipconfig.txt
dcdiag.txt
netstat.txt
ipconfig.txt
dcdiag.txt
netstat.txt
ASKER
Actually have the firewall off. I can access the sysvol folder from the pc I am trying to connect to the DC. The current set up is on a test bench, so it's only one pc, the server and a switch. I disabled IPv6 as it is listed as one of the possible solutions to this issue on TechNet. I can resolve the Domain on the DC, but not from an external PC.
The PC that you are trying to connect to the domain, is it on the same network as the domain, and is the PC pointing to domain server DNS. What ever the IP address of the DNS server is, make sure the PC is pointing to it for DNS, whether you have to manually enter the DNS servers on the PC or let DHCP provide it. If you can't connect it might be because the PC isnt point to the correct DNS server.
Post the ipconfig and netstat from the system.
DHCP is not running on the server so as timgreen pointed the workstations may get a different name server record which has no info on your ad and thus can not be located.
DHCP is not running on the server so as timgreen pointed the workstations may get a different name server record which has no info on your ad and thus can not be located.
ASKER
The pc is statically set to
ip 192.168.0.2
sn 255.255.255.0
gw 192.168.0.250 (one on site)
DNS 192.168.0.99
Server
ip 192.168.0.99
sn 255.255.255.0
gw 192.168.0.250
dns 192.168.0.99
ip 192.168.0.2
sn 255.255.255.0
gw 192.168.0.250 (one on site)
DNS 192.168.0.99
Server
ip 192.168.0.99
sn 255.255.255.0
gw 192.168.0.250
dns 192.168.0.99
Looks good. Are you getting any errors when you attempt to connect.
Run the following
nslookup -q=SRV _tcp._ldap.dc._msdcs.247ro ad.locali
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro ad.local
Keeping mixing up,
nslookup -q=SRV _tcp._ldap.dc._msdcs.247ro
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro
Keeping mixing up,
ASKER
Actually did have DCHP running on site, didn't re-install it after the last re-install of the server to simplify fault finding. Also have tested the pc connecting to my server here to rule out issues with the p.c.. After taking the new server out to the client and it not working with any of their PC's, brought it back to a more controlled environment.
Run and post netstat -na
Checking which ports are open/listening.
IPv6
Checking which ports are open/listening.
IPv6
ASKER
C:\Users\Administrator>nsl ookup -q=SRV _ldap._tcp.dc._msdcs.247ro ad.local
Server: UnKnown
Address: 192.168.0.99
_ldap._tcp.dc._msdcs.247ro ad.local SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = 247SERVER1.247ROAD.local
247SERVER1.247ROAD.local
Server: UnKnown
Address: 192.168.0.99
_ldap._tcp.dc._msdcs.247ro
priority = 0
weight = 100
port = 389
svr hostname = 247SERVER1.247ROAD.local
247SERVER1.247ROAD.local
ASKER
Sorry, previous from the server, workstation just reports unknown domain.
Here is my check list,
1) IP segment on site, netmask
2) DHCP server if any
3) existing DC?
I prefer running the DHCP on the server whose scope options for DNS only pushes the DC's ip.
No forwarders, unless there is a specific domain, VPN, etc. where requests from your internal need to be forwarded to.
Look at the ipconfig of the workstation that is being joined.
1) IP segment on site, netmask
2) DHCP server if any
3) existing DC?
I prefer running the DHCP on the server whose scope options for DNS only pushes the DC's ip.
No forwarders, unless there is a specific domain, VPN, etc. where requests from your internal need to be forwarded to.
Look at the ipconfig of the workstation that is being joined.
Nslookup 247SERVER1.247ROAD.local
I suspect that while the firewall is off, port 389 is being blocked.
I.e. Try to connect using telnet to 192.168.0.99 389
Windows firewall, while the firewall might be off if the port is not it could fail to connect.
Use advanced firewall settings to allow LDAP 389 access on the server.
I suspect that while the firewall is off, port 389 is being blocked.
I.e. Try to connect using telnet to 192.168.0.99 389
Windows firewall, while the firewall might be off if the port is not it could fail to connect.
Use advanced firewall settings to allow LDAP 389 access on the server.
Even when Windows firewall is disabled, the advanced firewall rules still apply/interfere.
ASKER
C:\Users\Administrator>net stat -na
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING
TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49678 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49697 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49730 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49810 0.0.0.0:0 LISTENING
TCP 127.0.0.1:53 0.0.0.0:0 LISTENING
TCP 127.0.0.1:389 127.0.0.1:49675 ESTABLISHED
TCP 127.0.0.1:389 127.0.0.1:49677 ESTABLISHED
TCP 127.0.0.1:389 127.0.0.1:49692 ESTABLISHED
TCP 127.0.0.1:49675 127.0.0.1:389 ESTABLISHED
TCP 127.0.0.1:49677 127.0.0.1:389 ESTABLISHED
TCP 127.0.0.1:49692 127.0.0.1:389 ESTABLISHED
TCP 192.168.0.99:53 0.0.0.0:0 LISTENING
TCP 192.168.0.99:139 0.0.0.0:0 LISTENING
TCP 192.168.0.99:389 192.168.0.99:49696 ESTABLISHED
TCP 192.168.0.99:389 192.168.0.99:49723 ESTABLISHED
TCP 192.168.0.99:389 192.168.0.99:49727 ESTABLISHED
TCP 192.168.0.99:49696 192.168.0.99:389 ESTABLISHED
TCP 192.168.0.99:49723 192.168.0.99:389 ESTABLISHED
TCP 192.168.0.99:49727 192.168.0.99:389 ESTABLISHED
TCP [::]:88 [::]:0 LISTENING
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:464 [::]:0 LISTENING
TCP [::]:593 [::]:0 LISTENING
TCP [::]:5985 [::]:0 LISTENING
TCP [::]:9389 [::]:0 LISTENING
TCP [::]:47001 [::]:0 LISTENING
TCP [::]:49664 [::]:0 LISTENING
TCP [::]:49665 [::]:0 LISTENING
TCP [::]:49666 [::]:0 LISTENING
TCP [::]:49667 [::]:0 LISTENING
TCP [::]:49669 [::]:0 LISTENING
TCP [::]:49670 [::]:0 LISTENING
TCP [::]:49673 [::]:0 LISTENING
TCP [::]:49678 [::]:0 LISTENING
TCP [::]:49697 [::]:0 LISTENING
TCP [::]:49730 [::]:0 LISTENING
TCP [::]:49810 [::]:0 LISTENING
TCP [::1]:53 [::]:0 LISTENING
TCP [::1]:49667 [::1]:49700 ESTABLISHED
TCP [::1]:49667 [::1]:49725 ESTABLISHED
TCP [::1]:49667 [::1]:49774 ESTABLISHED
TCP [::1]:49700 [::1]:49667 ESTABLISHED
TCP [::1]:49725 [::1]:49667 ESTABLISHED
TCP [::1]:49774 [::1]:49667 ESTABLISHED
UDP 0.0.0.0:123 *:*
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING
TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49678 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49697 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49730 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49810 0.0.0.0:0 LISTENING
TCP 127.0.0.1:53 0.0.0.0:0 LISTENING
TCP 127.0.0.1:389 127.0.0.1:49675 ESTABLISHED
TCP 127.0.0.1:389 127.0.0.1:49677 ESTABLISHED
TCP 127.0.0.1:389 127.0.0.1:49692 ESTABLISHED
TCP 127.0.0.1:49675 127.0.0.1:389 ESTABLISHED
TCP 127.0.0.1:49677 127.0.0.1:389 ESTABLISHED
TCP 127.0.0.1:49692 127.0.0.1:389 ESTABLISHED
TCP 192.168.0.99:53 0.0.0.0:0 LISTENING
TCP 192.168.0.99:139 0.0.0.0:0 LISTENING
TCP 192.168.0.99:389 192.168.0.99:49696 ESTABLISHED
TCP 192.168.0.99:389 192.168.0.99:49723 ESTABLISHED
TCP 192.168.0.99:389 192.168.0.99:49727 ESTABLISHED
TCP 192.168.0.99:49696 192.168.0.99:389 ESTABLISHED
TCP 192.168.0.99:49723 192.168.0.99:389 ESTABLISHED
TCP 192.168.0.99:49727 192.168.0.99:389 ESTABLISHED
TCP [::]:88 [::]:0 LISTENING
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:464 [::]:0 LISTENING
TCP [::]:593 [::]:0 LISTENING
TCP [::]:5985 [::]:0 LISTENING
TCP [::]:9389 [::]:0 LISTENING
TCP [::]:47001 [::]:0 LISTENING
TCP [::]:49664 [::]:0 LISTENING
TCP [::]:49665 [::]:0 LISTENING
TCP [::]:49666 [::]:0 LISTENING
TCP [::]:49667 [::]:0 LISTENING
TCP [::]:49669 [::]:0 LISTENING
TCP [::]:49670 [::]:0 LISTENING
TCP [::]:49673 [::]:0 LISTENING
TCP [::]:49678 [::]:0 LISTENING
TCP [::]:49697 [::]:0 LISTENING
TCP [::]:49730 [::]:0 LISTENING
TCP [::]:49810 [::]:0 LISTENING
TCP [::1]:53 [::]:0 LISTENING
TCP [::1]:49667 [::1]:49700 ESTABLISHED
TCP [::1]:49667 [::1]:49725 ESTABLISHED
TCP [::1]:49667 [::1]:49774 ESTABLISHED
TCP [::1]:49700 [::1]:49667 ESTABLISHED
TCP [::1]:49725 [::1]:49667 ESTABLISHED
TCP [::1]:49774 [::1]:49667 ESTABLISHED
UDP 0.0.0.0:123 *:*
ASKER
Actually checked the settings for the firewall and that is set to allow 389 before I disabled as a last resort. but will try telnet in a sec as well. Have been at this for 2 days and have gone thru everything I could find on TechNet or via web searches. Have re-installed the server 4 times to make sure I start clean with each major fault finding effort.
Well your issue right now is that your workstation lacks access to the port 53 udp/TCP name server to resolve the domain.
389 is used after the DC is located by he command you posted for the lookup on the server.
You should disable the Windows firewall but go through the advanced firewall settings to allow inbound
Name server, port 53 access, limit the scope to private and work/domain leave it blocked on public. Zone.
Add zone 192.168.0 zone to your DNS server and then add pointer record
99 IN PTR 247server.247road.local.
This way instead of getting unknown, your lookups will reflect the name of the server hosting DNS.
389 is used after the DC is located by he command you posted for the lookup on the server.
You should disable the Windows firewall but go through the advanced firewall settings to allow inbound
Name server, port 53 access, limit the scope to private and work/domain leave it blocked on public. Zone.
Add zone 192.168.0 zone to your DNS server and then add pointer record
99 IN PTR 247server.247road.local.
This way instead of getting unknown, your lookups will reflect the name of the server hosting DNS.
ASKER
Had already checked port 53 in the firewall. please see attached picture
port.JPG
port.JPG
from the workstation you need to receive answers to
nslookup 247server.247road.local 192.168.0.99
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro ad.local 192.168.0.99
until these provide responses identical to the data you get on the server, you will not advance.
In what zone does the server say it is in the network and internet settings for the local connection, does it show internet access? limited access. You might want to disable the MS connection check
GPO computer configuration, administrative templates,system, internet connection management, internet communication settings
enable turn off windows network connectivity status indicator active test.
does the server have any additional software installed i.e. anti-virus/internet security that may interfer/block access to port 53, 389, 445?
double check that the
nslookup 247server.247road.local 192.168.0.99
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro
until these provide responses identical to the data you get on the server, you will not advance.
In what zone does the server say it is in the network and internet settings for the local connection, does it show internet access? limited access. You might want to disable the MS connection check
GPO computer configuration, administrative templates,system, internet connection management, internet communication settings
enable turn off windows network connectivity status indicator active test.
does the server have any additional software installed i.e. anti-virus/internet security that may interfer/block access to port 53, 389, 445?
double check that the
ASKER
No other software. Fresh install of server and only added features are Domain services and dns. Have actually tried 3 different network cards 2x Intel and one realtek chipsets in case the driver was causing problems. no internet access as I have the system isolated but I can browse from each one to the other. The local connections is showing connected to domain 247ROAD.local. Will check the policies and get back to you on that one.
ASKER
response to
nslookup 247server.247road.local 192.168.0.99
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro ad.local 192.168.0.99
from the workstation attached
nslook.JPG
nslookup 247server.247road.local 192.168.0.99
nslookup -q=SRV _ldap._tcp.dc._msdcs.247ro
from the workstation attached
nslook.JPG
The dcdiag output is not complete
please run dcdiag /v and dcdiag /q and post output of both commands
It is dcdiag only who can tell us now what is wrong with DC, I don't see any issue with client machine
please run dcdiag /v and dcdiag /q and post output of both commands
It is dcdiag only who can tell us now what is wrong with DC, I don't see any issue with client machine
ASKER
Here are the results
C:\Users\Administrator>dcd iag /q
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... 247SERVER1 failed test DFSREvent
C:\Users\Administrator>dcd iag /v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine 247SERVER1, is a Directory Server.
Home Server = 247SERVER1
* Connecting to directory service on server 247SERVER1.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld, CN=Sites,C N=Configur ation,DC=2 47ROAD,DC= local,LDAP _SCOPE_SUB TREE,(obje ctCategory =ntDSSiteS ettings),. ......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First- Site-Name, CN=Sites,C N=Configur ation,DC=2 47ROAD,DC= local
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld, CN=Sites,C N=Configur ation,DC=2 47ROAD,DC= local,LDAP _SCOPE_SUB TREE,(obje ctClass=nt DSDsa),... ....
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\24 7SERVER1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... 247SERVER1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\24 7SERVER1
Starting test: Advertising
The DC 247SERVER1 is advertising itself as a DC and having a DS.
The DC 247SERVER1 is advertising as an LDAP server
The DC 247SERVER1 is advertising as having a writeable directory
The DC 247SERVER1 is advertising as a Key Distribution Center
The DC 247SERVER1 is advertising as a time server
The DS 247SERVER1 is advertising as a GC.
......................... 247SERVER1 passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... 247SERVER1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 03:52:25
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:20:17
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:51:19
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:56:48
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 05:05:53
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:01:09
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:28:18
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:46:32
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 07:20:49
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 07:32:47
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 08:24:30
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 09:57:02
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 10:04:00
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 10:44:03
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 11:09:03
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
......................... 247SERVER1 failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... 247SERVER1 passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... 247SERVER1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
Role Domain Owner = CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
Role PDC Owner = CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
Role Rid Owner = CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
......................... 247SERVER1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC 247SERVER1 on DC 247SERVER1.
* SPN found :LDAP/247SERVER1.247ROAD.l ocal/247RO AD.local
* SPN found :LDAP/247SERVER1.247ROAD.l ocal
* SPN found :LDAP/247SERVER1
* SPN found :LDAP/247SERVER1.247ROAD.l ocal/247RO AD
* SPN found :LDAP/f6496178-a9c8-49c2-a 0b9-491b7d bb777a._ms dcs.247ROA D.local
* SPN found :E3514235-4B06-11D1-AB04-0 0C04FC2DCD 2/f6496178 -a9c8-49c2 -a0b9-491b 7dbb777a/2 47ROAD.loc al
* SPN found :HOST/247SERVER1.247ROAD.l ocal/247RO AD.local
* SPN found :HOST/247SERVER1.247ROAD.l ocal
* SPN found :HOST/247SERVER1
* SPN found :HOST/247SERVER1.247ROAD.l ocal/247RO AD
* SPN found :GC/247SERVER1.247ROAD.loc al/247ROAD .local
......................... 247SERVER1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC 247SERVER1.
* Security Permissions Check for
DC=ForestDnsZones,DC=247RO AD,DC=loca l
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=247RO AD,DC=loca l
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration ,DC=247ROA D,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=247ROA D,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=247ROAD,DC=local
(Domain,Version 3)
......................... 247SERVER1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\247SERVER1\netlogon
Verified share \\247SERVER1\sysvol
......................... 247SERVER1 passed test NetLogons
Starting test: ObjectsReplicated
247SERVER1 is in domain DC=247ROAD,DC=local
Checking for CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC= local in domain DC=247ROAD,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local in domain CN=Configuration,DC=247ROA D,DC=local on 1 servers
Object is up-to-date on all servers.
......................... 247SERVER1 passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
......................... 247SERVER1 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 1600 to 1073741823
* 247SERVER1.247ROAD.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1102
......................... 247SERVER1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... 247SERVER1 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... 247SERVER1 passed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC= local and
backlink on CN=247SERVER1,CN=Servers,C N=Default- First-Site -Name,CN=S ites,CN=Co nfiguratio n,DC=247RO AD,DC=loca l
are correct.
The system object reference (serverReferenceBL)
CN=247SERVER1,CN=Topology, CN=Domain System Volume,CN=DFSR-GlobalSetti ngs,CN=Sys tem,DC=247 ROAD,DC=lo cal and
backlink on
CN=NTDS Settings,CN=247SERVER1,CN= Servers,CN =Default-F irst-Site- Name,CN=Si tes,CN=Con figuration ,DC=247ROA D,DC=local
are correct.
The system object reference (msDFSR-ComputerReferenceB L)
CN=247SERVER1,CN=Topology, CN=Domain System Volume,CN=DFSR-GlobalSetti ngs,CN=Sys tem,DC=247 ROAD,DC=lo cal and
backlink on CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC= local are correct.
......................... 247SERVER1 passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : 247ROAD
Starting test: CheckSDRefDom
......................... 247ROAD passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... 247ROAD passed test CrossRefValidation
Running enterprise tests on : 247ROAD.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
PDC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
Time Server Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
Preferred Time Server Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
KDC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
......................... 247ROAD.local passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
provided.
......................... 247ROAD.local passed test Intersite
C:\Users\Administrator>
C:\Users\Administrator>dcd
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
......................... 247SERVER1 failed test DFSREvent
C:\Users\Administrator>dcd
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine 247SERVER1, is a Directory Server.
Home Server = 247SERVER1
* Connecting to directory service on server 247SERVER1.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=247SERVER1,CN=
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\24
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... 247SERVER1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\24
Starting test: Advertising
The DC 247SERVER1 is advertising itself as a DC and having a DS.
The DC 247SERVER1 is advertising as an LDAP server
The DC 247SERVER1 is advertising as having a writeable directory
The DC 247SERVER1 is advertising as a Key Distribution Center
The DC 247SERVER1 is advertising as a time server
The DS 247SERVER1 is advertising as a GC.
......................... 247SERVER1 passed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
Skip the test because the server is running DFSR.
......................... 247SERVER1 passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL
replication problems may cause Group Policy problems.
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 03:52:25
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:20:17
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:51:19
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 04:56:48
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 05:05:53
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:01:09
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:28:18
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 06:46:32
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 07:20:49
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 07:32:47
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 08:24:30
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 09:57:02
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 10:04:00
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 10:44:03
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
An error event occurred. EventID: 0xC00004B2
Time Generated: 03/08/2018 11:09:03
Event String:
The DFS Replication service failed to contact domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
Additional Information:
Error: 160 (One or more arguments are not correct.)
......................... 247SERVER1 failed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... 247SERVER1 passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
......................... 247SERVER1 passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=247SERVER1,CN=
Role Domain Owner = CN=NTDS Settings,CN=247SERVER1,CN=
Role PDC Owner = CN=NTDS Settings,CN=247SERVER1,CN=
Role Rid Owner = CN=NTDS Settings,CN=247SERVER1,CN=
Role Infrastructure Update Owner = CN=NTDS Settings,CN=247SERVER1,CN=
......................... 247SERVER1 passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC 247SERVER1 on DC 247SERVER1.
* SPN found :LDAP/247SERVER1.247ROAD.l
* SPN found :LDAP/247SERVER1.247ROAD.l
* SPN found :LDAP/247SERVER1
* SPN found :LDAP/247SERVER1.247ROAD.l
* SPN found :LDAP/f6496178-a9c8-49c2-a
* SPN found :E3514235-4B06-11D1-AB04-0
* SPN found :HOST/247SERVER1.247ROAD.l
* SPN found :HOST/247SERVER1.247ROAD.l
* SPN found :HOST/247SERVER1
* SPN found :HOST/247SERVER1.247ROAD.l
* SPN found :GC/247SERVER1.247ROAD.loc
......................... 247SERVER1 passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC 247SERVER1.
* Security Permissions Check for
DC=ForestDnsZones,DC=247RO
(NDNC,Version 3)
* Security Permissions Check for
DC=DomainDnsZones,DC=247RO
(NDNC,Version 3)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=247ROA
(Configuration,Version 3)
* Security Permissions Check for
DC=247ROAD,DC=local
(Domain,Version 3)
......................... 247SERVER1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\247SERVER1\netlogon
Verified share \\247SERVER1\sysvol
......................... 247SERVER1 passed test NetLogons
Starting test: ObjectsReplicated
247SERVER1 is in domain DC=247ROAD,DC=local
Checking for CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC=
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=247SERVER1,CN=
Object is up-to-date on all servers.
......................... 247SERVER1 passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
......................... 247SERVER1 passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 1600 to 1073741823
* 247SERVER1.247ROAD.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1100 to 1599
* rIDPreviousAllocationPool is 1100 to 1599
* rIDNextRID: 1102
......................... 247SERVER1 passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: DFSR
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... 247SERVER1 passed test Services
Starting test: SystemLog
* The System Event log test
Found no errors in "System" Event log in the last 60 minutes.
......................... 247SERVER1 passed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference) CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC=
backlink on CN=247SERVER1,CN=Servers,C
are correct.
The system object reference (serverReferenceBL)
CN=247SERVER1,CN=Topology,
backlink on
CN=NTDS Settings,CN=247SERVER1,CN=
are correct.
The system object reference (msDFSR-ComputerReferenceB
CN=247SERVER1,CN=Topology,
backlink on CN=247SERVER1,OU=Domain Controllers,DC=247ROAD,DC=
......................... 247SERVER1 passed test VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : 247ROAD
Starting test: CheckSDRefDom
......................... 247ROAD passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... 247ROAD passed test CrossRefValidation
Running enterprise tests on : 247ROAD.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
PDC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
Time Server Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
Preferred Time Server Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
KDC Name: \\247SERVER1.247ROAD.local
Locator Flags: 0xe001f3fd
......................... 247ROAD.local passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
provided.
......................... 247ROAD.local passed test Intersite
C:\Users\Administrator>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
At the moment yes, it is intended to be the first DC. and yes, just unticked the box for IPv6.
C:\Users\Administrator>net share
Share name Resource Remark
-------------------------- ---------- ---------- ---------- ---------- ---------- ---
C$ C:\ Default share
IPC$ Remote IPC
ADMIN$ C:\Windows Remote Admin
NETLOGON C:\Windows\SYSVOL\sysvol\2 47ROAD.loc al\SCRIPTS
Logon server share
SYSVOL C:\Windows\SYSVOL\sysvol Logon server share
The command completed successfully.
C:\Users\Administrator>
will go and try the rebuild
C:\Users\Administrator>net
Share name Resource Remark
--------------------------
C$ C:\ Default share
IPC$ Remote IPC
ADMIN$ C:\Windows Remote Admin
NETLOGON C:\Windows\SYSVOL\sysvol\2
Logon server share
SYSVOL C:\Windows\SYSVOL\sysvol Logon server share
The command completed successfully.
C:\Users\Administrator>
will go and try the rebuild
That's perfectly fine
Note that you need to follow article steps under "Authoritative Restore"
Note that you need to follow article steps under "Authoritative Restore"
ASKER
Just realised that since I hadn't installed the DFSR Role, the tools are not there, just sorting it out.
no need to install DFSR role, its DC, by default DFS-R service will be there, its by design
ASKER
Yes but the tools aren't, needed DFSRDIAG installed. just completed it and every thing came up as completed no errors. Still no joy.
have you completed dfsr authoritative restore?
can you check event logs on DC - DFSR events
can you check event logs on DC - DFSR events
ASKER
last event id is 1202 - failed to contact domain controller
did you see any dfsr restore related events?
After that can you restart dfsr service and let me know what events are generated?
it can be successful and failed both?
After that can you restart dfsr service and let me know what events are generated?
it can be successful and failed both?
ASKER
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:28:56 PM
Event ID: 4602
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully initialized the SYSVOL replicated folder at local path C:\Windows\SYSVOL\domain. This member is the designated primary member for this replicated folder. No user action is required. To check for the presence of the SYSVOL share, open a command prompt window and then type "net share".
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6 06FFEDA593
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A 85826019AB
Member ID: 90BABC6C-23C8-40F7-89DA-C4 82DBBF5151
Read-Only: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4602</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 28:56.4530 89300Z" />
<EventRecordID>205</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B 46E-B606FF EDA593</Da ta>
<Data>C:\Windows\SYSVOL\do main</Data >
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9 023-9A8582 6019AB</Da ta>
<Data>90BABC6C-23C8-40F7-8 9DA-C482DB BF5151</Da ta>
<Data>
</Data>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 1210
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully set up an RPC listener for incoming replication requests.
Additional Information:
Port: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1210</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:58.8646 98100Z" />
<EventRecordID>204</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 2010
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has detected that all replicated folders on volume C: have been disabled or deleted.
Additional Information:
Volume: 9A068A0B-0000-0000-0000-50 1F00000000
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">2010</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:58.8646 98100Z" />
<EventRecordID>203</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>9A068A0B-0000-0000-0 000-501F00 000000</Da ta>
<Data>C:</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 4114
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The replicated folder at local path C:\Windows\SYSVOL\domain has been disabled. The replicated folder will not participate in replication until it is enabled. All data in the replicated folder will be treated as pre-existing data when this replicated folder is enabled.
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6 06FFEDA593
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A 85826019AB
Member ID: 90BABC6C-23C8-40F7-89DA-C4 82DBBF5151
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4114</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:58.7240 22000Z" />
<EventRecordID>202</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B 46E-B606FF EDA593</Da ta>
<Data>C:\Windows\SYSVOL\do main</Data >
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9 023-9A8582 6019AB</Da ta>
<Data>90BABC6C-23C8-40F7-8 9DA-C482DB BF5151</Da ta>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 1206
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully contacted domain controller 247SERVER1.247ROAD.local to access configuration information.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1206</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:58.7084 17600Z" />
<EventRecordID>201</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>247SERVER1.247ROAD.l ocal</Data >
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:57 PM
Event ID: 6102
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has successfully registered the WMI provider.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">6102</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:57.4738 07600Z" />
<EventRecordID>200</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1314
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully configured the debug log files.
Additional Information:
Debug Log File Path: C:\Windows\debug
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1314</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:54.2708 57500Z" />
<EventRecordID>199</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>C:\Windows\debug</Da ta>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1004
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has started.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1004</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:54.2396 71200Z" />
<EventRecordID>198</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1002
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service is starting.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1002</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:54.2396 71200Z" />
<EventRecordID>197</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:11 PM
Event ID: 1008
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has stopped.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1008</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:11.8946 93100Z" />
<EventRecordID>196</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:11 PM
Event ID: 1006
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service is stopping.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1006</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 26:11.5039 83000Z" />
<EventRecordID>195</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:25:23 PM
Event ID: 2010
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has detected that all replicated folders on volume C: have been disabled or deleted.
Additional Information:
Volume: 9A068A0B-0000-0000-0000-50 1F00000000
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">2010</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 25:23.5760 75100Z" />
<EventRecordID>194</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>9A068A0B-0000-0000-0 000-501F00 000000</Da ta>
<Data>C:</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:25:23 PM
Event ID: 4114
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The replicated folder at local path C:\Windows\SYSVOL\domain has been disabled. The replicated folder will not participate in replication until it is enabled. All data in the replicated folder will be treated as pre-existing data when this replicated folder is enabled.
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6 06FFEDA593
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A 85826019AB
Member ID: 90BABC6C-23C8-40F7-89DA-C4 82DBBF5151
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4114</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 25:23.4510 63800Z" />
<EventRecordID>193</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B 46E-B606FF EDA593</Da ta>
<Data>C:\Windows\SYSVOL\do main</Data >
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9 023-9A8582 6019AB</Da ta>
<Data>90BABC6C-23C8-40F7-8 9DA-C482DB BF5151</Da ta>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:11:22 PM
Event ID: 1210
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully set up an RPC listener for incoming replication requests.
Additional Information:
Port: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1210</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 11:22.0903 11000Z" />
<EventRecordID>192</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:11:21 PM
Event ID: 1206
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully contacted domain controller 247SERVER1.247ROAD.local to access configuration information.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1206</E ventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000 </Keywords >
<TimeCreated SystemTime="2018-03-08T10: 11:21.9340 48800Z" />
<EventRecordID>191</EventR ecordID>
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO AD.local</ Computer>
<Security />
</System>
<EventData>
<Data>247SERVER1.247ROAD.l ocal</Data >
</EventData>
</Event>
Source: DFSR
Date: 8/03/2018 9:28:56 PM
Event ID: 4602
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully initialized the SYSVOL replicated folder at local path C:\Windows\SYSVOL\domain. This member is the designated primary member for this replicated folder. No user action is required. To check for the presence of the SYSVOL share, open a command prompt window and then type "net share".
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A
Member ID: 90BABC6C-23C8-40F7-89DA-C4
Read-Only: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4602</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>205</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B
<Data>C:\Windows\SYSVOL\do
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9
<Data>90BABC6C-23C8-40F7-8
<Data>
</Data>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 1210
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully set up an RPC listener for incoming replication requests.
Additional Information:
Port: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1210</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>204</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 2010
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has detected that all replicated folders on volume C: have been disabled or deleted.
Additional Information:
Volume: 9A068A0B-0000-0000-0000-50
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">2010</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>203</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>9A068A0B-0000-0000-0
<Data>C:</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 4114
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The replicated folder at local path C:\Windows\SYSVOL\domain has been disabled. The replicated folder will not participate in replication until it is enabled. All data in the replicated folder will be treated as pre-existing data when this replicated folder is enabled.
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A
Member ID: 90BABC6C-23C8-40F7-89DA-C4
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4114</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>202</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B
<Data>C:\Windows\SYSVOL\do
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9
<Data>90BABC6C-23C8-40F7-8
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:58 PM
Event ID: 1206
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully contacted domain controller 247SERVER1.247ROAD.local to access configuration information.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1206</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>201</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>247SERVER1.247ROAD.l
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:57 PM
Event ID: 6102
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has successfully registered the WMI provider.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">6102</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>200</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1314
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully configured the debug log files.
Additional Information:
Debug Log File Path: C:\Windows\debug
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1314</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>199</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>C:\Windows\debug</Da
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1004
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has started.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1004</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>198</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:54 PM
Event ID: 1002
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service is starting.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1002</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>197</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:11 PM
Event ID: 1008
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has stopped.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1008</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>196</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:26:11 PM
Event ID: 1006
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service is stopping.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1006</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>195</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:25:23 PM
Event ID: 2010
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service has detected that all replicated folders on volume C: have been disabled or deleted.
Additional Information:
Volume: 9A068A0B-0000-0000-0000-50
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">2010</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>194</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>9A068A0B-0000-0000-0
<Data>C:</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:25:23 PM
Event ID: 4114
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The replicated folder at local path C:\Windows\SYSVOL\domain has been disabled. The replicated folder will not participate in replication until it is enabled. All data in the replicated folder will be treated as pre-existing data when this replicated folder is enabled.
Additional Information:
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 792B0847-1C0D-41C0-B46E-B6
Replication Group Name: Domain System Volume
Replication Group ID: 40CA34E9-D774-44CF-9023-9A
Member ID: 90BABC6C-23C8-40F7-89DA-C4
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">4114</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>193</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>792B0847-1C0D-41C0-B
<Data>C:\Windows\SYSVOL\do
<Data>SYSVOL Share</Data>
<Data>Domain System Volume</Data>
<Data>40CA34E9-D774-44CF-9
<Data>90BABC6C-23C8-40F7-8
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:11:22 PM
Event ID: 1210
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully set up an RPC listener for incoming replication requests.
Additional Information:
Port: 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1210</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>192</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>0</Data>
</EventData>
</Event>
Log Name: DFS Replication
Source: DFSR
Date: 8/03/2018 9:11:21 PM
Event ID: 1206
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: 247SERVER1.247ROAD.local
Description:
The DFS Replication service successfully contacted domain controller 247SERVER1.247ROAD.local to access configuration information.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="DFSR" />
<EventID Qualifiers="16384">1206</E
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2018-03-08T10:
<EventRecordID>191</EventR
<Channel>DFS Replication</Channel>
<Computer>247SERVER1.247RO
<Security />
</System>
<EventData>
<Data>247SERVER1.247ROAD.l
</EventData>
</Event>
I can see event ID 1206 which means problem is resolved now.
Are you still facing problem joining machine to domain?
Are you still facing problem joining machine to domain?
ASKER
Yes, still the same issue. Though after 3 days of fault finding, this server has the cleanest event logs I've ever seen. Thanks for you help so far. This is a really strange one.
what error you are getting on machine when you tried to join it to domain?
what is the OS version of client, is it home edition ?
what is the OS version of client, is it home edition ?
ASKER
No all the machines I have tried have either been 10 or 7 pro. The current machine is windows 7 Pro.
join.JPG
join.JPG
ASKER
Yes the work station is set as above under dns. Reboot both the Server and Workstation after completing the instruction above. Still getting the same error.
ASKER
and after the reboot the 1202 errors have returned.
not sure if below command will work but you can give a try from elevated command prompt:
If above command worked successfully, then reboot the DC once and check if it works
netdom resetpwd /Server:DCName /UserD:administrator /PasswordD:*
If above command worked successfully, then reboot the DC once and check if it works
ASKER
Had no affect. Still got the 1202's after the reboot and no connect. the command did complete successfully.
Use the network wizard to join the workstation to the domain.
The simple change always had done wiered behavior.
In the join.jog instead of simply changing from workstation to do ain, click the button midway and to the right.
And you should be fine.
The simple change always had done wiered behavior.
In the join.jog instead of simply changing from workstation to do ain, click the button midway and to the right.
And you should be fine.
ASKER
The wizard gives the same error.
Did you disable uac? The join task is an elevated, do you get prompted for admin during your join attempt?
ASKER
Yes, uac is disabled on the workstation.
That is your problem. The Join has to be elevated, when uac is disabled, if you are not running as administrator, not merely using an account that is a member of administrators.
Disable uac if you must, after the joining to the domain.
Disable uac if you must, after the joining to the domain.
ASKER
Activating uac had no effect and plugging into my network it has no problem locating the svr record from my server.
Do you get prompted to elevate rights when running the advanced system settings? Do you raise the rights such that it runs in admin mode?
Do these systems use local or Microsoft login accounts?.
Do these systems use local or Microsoft login accounts?.
ASKER
all the machines I have tried have used local accounts. the current machine is using windows 7 pro and no prompt as I do everything as administrator. Fairly sure this isn't a workstation issue as I have tried it with 4 separate workstations at 2 locations with both windows 7pro and windows 10 pro. I have also tested the windows 7 pro on my own DC and it has no issues
Using the system as administrator, does not mean you operating in elevated mode.
Try the following, start+R open cmd.exe (first window)
Now, in the start search, search for cmd.exe, right click on command and run as administrators. (Second window)
Try to add a feature in the first window
dism /online /enable-feature:SNMP
See whether you get a message that you have to run it in elevated.
Try running netstat -anb and see what you get.
Try the following, start+R open cmd.exe (first window)
Now, in the start search, search for cmd.exe, right click on command and run as administrators. (Second window)
Try to add a feature in the first window
dism /online /enable-feature:SNMP
See whether you get a message that you have to run it in elevated.
Try running netstat -anb and see what you get.
ASKER
On which machine would you like me to run these?
On the workstation that points to 192.16.0.99 as the name server and where you are running into ad join issues.
Based on your prior response, the 247server1 resolves to 192.168.0.99, and the SRV record lookup returns the data.
Only possible issue us a restriction when the process dealing with promoting for credentials, info to join domain.
If you have the option, build a workstation from scratch, use local user account, and Ho through the domain joining process on a prestine system.
And see if you get the same error, or it joins means sonething on these workstations is the issue.
Check on the services on the 2016 to make sure you do not have NLA service enabled. Service bars access to clients that do not have a marker that they are "safe" I.e. Have anti-virus, infection counter measures.
Based on your prior response, the 247server1 resolves to 192.168.0.99, and the SRV record lookup returns the data.
Only possible issue us a restriction when the process dealing with promoting for credentials, info to join domain.
If you have the option, build a workstation from scratch, use local user account, and Ho through the domain joining process on a prestine system.
And see if you get the same error, or it joins means sonething on these workstations is the issue.
Check on the services on the 2016 to make sure you do not have NLA service enabled. Service bars access to clients that do not have a marker that they are "safe" I.e. Have anti-virus, infection counter measures.
ASKER
ok, have checked nla on the server. it's off. have connected a freshly built machine I had boxed waiting for a client to pick up, windows 10 pro. same result.
Had already run the commands you requested on the test workstation both worked ok, no request to raise function level and nothing blocking the required ports.
Had already run the commands you requested on the test workstation both worked ok, no request to raise function level and nothing blocking the required ports.
I will go back to your server's Windows firewall as being the culprit. There are different RPC and other components.
In what zone in network and internet settings does the server say it is in, private, domain?
Get an dm stall wireshark or Microsoft network monitor tool on a workstation and on the server.
Point being compare the traffic generated on the workstation with destination to the server and on the server what it receives from the workstation.
In what zone in network and internet settings does the server say it is in, private, domain?
Get an dm stall wireshark or Microsoft network monitor tool on a workstation and on the server.
Point being compare the traffic generated on the workstation with destination to the server and on the server what it receives from the workstation.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Net share
Sysvol/netlogon.
When you are saying you are unable to connect remotely, are you attempting to join the external to this DC?
Double check network center, in which zone dies the LAN connection show up, public is most restrictive meaning firewall rules prevent any external access.
The classification shoukd be in a private/work
I think IPv6 shoukd be enabled.
Port 445 deals with share access. It is not bound in your example.