Re: System manager can't see AD
- From: "Bill" <training@xxxxxxxxxx>
- Date: Tue, 11 Nov 2008 09:17:39 -0500
Hi Rich,
I ran the dcdiag tests for DNS & topology (results below). Everything passed
with a warning that Dynamic Updates weren't secure. No other issues were
found. The problem appears to lie somewhere within the Exchange end of
things.
C:\>dcdiag /test:topology /s:mainserver /v
Domain Controller Diagnosis
Performing initial setup:
* Connecting to directory service on server mainserver.
* Found 1 DC(s). Testing 1 of them.
Testing server: Default-First-Site\MAINSERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... MAINSERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site\MAINSERVER
Starting test: Topology
......................... MAINSERVER passed test Topology
AND
C:\>dcdiag /test:dns /s:mainserver /v
Domain Controller Diagnosis
Performing initial setup:
* Connecting to directory service on server mainserver.
* Found 1 DC(s). Testing 1 of them.
Testing server: Default-First-Site\MAINSERVER
Starting test: Connectivity
......................... MAINSERVER passed test Connectivity
Testing server: Default-First-Site\MAINSERVER
Starting test: DNS
Test results for domain controllers:
DC: mainserver.MYDOMAIN.com
Domain: MYDOMAIN.com
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003, Standard Edition
(Service Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000001] HP NC7781 Gigabit Server Adapter:
MAC address is 00:18:FE:7A:B5:CA
IP address is static
IP address: 192.168.98.10
DNS servers:
192.168.98.10 (mainserver.MYDOMAIN.com.) [Valid]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found
(primary)
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
24.92.226.11 (<name unavailable>) [Valid]
24.92.226.12 (<name unavailable>) [Valid]
TEST: Delegations (Del)
Delegation information for the zone: MYDOMAIN.com.
Delegated domain name: _msdcs.MYDOMAIN.com.
DNS server: mainserver.MYDOMAIN.com.
IP:192.168.98.10 [Valid]
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not
secure
MYDOMAIN.com.
Test record _dcdiag_test_record added successfully in zone
MYDOMAIN.com.
Test record _dcdiag_test_record deleted successfully in
zone MYDOMAIN.com.
TEST: Records registration (RReg)
Network Adapter [00000001] HP NC7781 Gigabit Server
Adapter:
Matching A record found at DNS server 192.168.98.10:
mainserver.MYDOMAIN.com
Matching CNAME record found at DNS server
192.168.98.10:
b940f115-e92d-4b21-acd2-6cd1300adacc._msdcs.MYDOMAIN.com
Matching DC SRV record found at DNS server
192.168.98.10:
_ldap._tcp.dc._msdcs.MYDOMAIN.com
Matching GC SRV record found at DNS server
192.168.98.10:
_ldap._tcp.gc._msdcs.MYDOMAIN.com
Matching PDC SRV record found at DNS server
192.168.98.10:
_ldap._tcp.pdc._msdcs.MYDOMAIN.com
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.98.10 (mainserver.MYDOMAIN.com.)
All tests passed on this DNS server
This is a valid DNS server.
Name resolution is functional. _ldap._tcp SRV record for the
forest root domain is registered
Delegation to the domain _msdcs.MYDOMAIN.com. is operational
DNS server: 24.92.226.11 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.
DNS server: 24.92.226.12 (<name unavailable>)
All tests passed on this DNS server
This is a valid DNS server.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg
Ext
Domain: MYDOMAIN.com
mainserver PASS PASS PASS PASS WARN PASS
n/a
......................... MYDOMAIN.com passed test DNS
"Rich Matheisen [MVP]" <richnews@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3fphh41gdmg2eviu842k6k4rrp05sbfg2k@xxxxxxxxxx
On Mon, 10 Nov 2008 14:48:43 -0500, "Bill" <training@xxxxxxxxxx>
wrote:
I don't know how long this has been going on.
Two servers both 2003 with all updates etc.
Mainserver handles all of the network tasks (DC, GC, AD, DNS, DHCP, etc)
Mailserver has Exchange 2003 and does nothing, but email.
Every 15 minutes I get the following error:
DSAccess failed to obtain DNS records for forest DC=MYDOMAIN,DC=com.
DNS
Priority and Weight for the Global Catalog servers in this forest will be
set to the default values 0 (priority) and 100 (weight).
Have you run DCDIAG? Start with "dcdiag /test:dns /v".
---
Rich Matheisen
MCSE+I, Exchange MVP
.
- Follow-Ups:
- Re: System manager can't see AD
- From: Rich Matheisen [MVP]
- Re: System manager can't see AD - more info
- From: Bill
- Re: System manager can't see AD
- References:
- System manager can't see AD
- From: Bill
- Re: System manager can't see AD
- From: Rich Matheisen [MVP]
- System manager can't see AD
- Prev by Date: Re: Exchange 2007 certificate renewal
- Next by Date: Re: Exchange 2003 32 KB Rule size limit per mailbox.
- Previous by thread: Re: System manager can't see AD
- Next by thread: Re: System manager can't see AD - more info
- Index(es):
Relevant Pages
|
