RE: error found after dc demote
- From: Meinolf Weber <meiweb(nospam)@gmx.de>
- Date: Tue, 2 Oct 2007 05:57:30 +0000 (UTC)
Hello patrick,
The DNS on AD05 and AD06 is not the best solution. Check this document for the DNS configuration:
http://support.microsoft.com/kb/825036
After that run dcdiag and netdiag on all Dc's. If you have errors, please post the complete output.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
Thanks for your help Meinolf.
Please fnd the ipconfig /all result below:
Let me give more info about my config:
AD01 (is DC, DNS DHCP)
AD05 (is DC, DNS)
AD06 (is DC, DNS)
Mail01 (Exchange 2003 only)
And I did another test, I rollback all server to the stage that before
demote AD01.
Then I shutdown AD01 and boot only AD05, AD06 and MAIL01 (FMSO already
transfered to AD05), I still got those policy error from MAIL01 and
others
member server and Win XP
I seens that mail01 still try to query AD01's policy file path. I have
verity that all policy files are also exist in AD05 and AD06 and also
accessible from mail01 and all other member servers. Why mail01 not
query AD05 or AD06?
Thanks for your help
ipconfig result below:
AD01
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : ad01
Primary DNS Suffix . . . . . . . : hkcec.nws
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hkcec.nws
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD
PCNet
Adapter
Physical Address. . . . . . . . . : 00-50-56-A1-27-0D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.6
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 10.0.0.6
AD05
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : AD05
Primary DNS Suffix . . . . . . . : hkcec.nws
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hkcec.nws
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD
PCNet
Adapter
Physical Address. . . . . . . . . : 00-50-56-A1-41-CC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.63
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 10.0.0.63
AD06
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : AD06
Primary DNS Suffix . . . . . . . : hkcec.nws
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hkcec.nws
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD
PCNet
Adapter
Physical Address. . . . . . . . . : 00-50-56-A1-54-D3
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.68
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 10.0.0.68
MAIL01
Windows IP Configuration
Host Name . . . . . . . . . . . . : mail01
Primary Dns Suffix . . . . . . . : hkcec.nws
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hkcec.nws
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD PCNet
Adapter
Physical Address. . . . . . . . . : 00-50-56-A1-32-82
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.16
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 10.0.0.63
10.0.0.68
"Meinolf Weber" wrote:
Hello patrick,
For the error on the exchange AD05 AD06 check this:
http://support.microsoft.com/default.aspx?scid=kb;en-us;829306
http://support.microsoft.com/default.aspx?scid=kb;en-us;821586
What is mail01 for a server? Do you have mor locations for the
machines? Please post an unedited ipconfig /all from all servers.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
Thanks for your help.
The following are the result of dcdiag and network, I run it from
mail01(win2k3 with exchange 2003):
And I also found some errors on AD01's event log after demote (the
DC I had demoted). Please see at the end of DIAG result.
DIAG result start below:
-------------------------------------------------
DCDIAG RESULT:
AD05 (running on win2k3 with exchange 2003 insalled) C:\Documents
and
Settings\Administrator.HKCEC>dcdiag /s:ad05
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\AD05
Starting test: Connectivity
......................... AD05 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\AD05
Starting test: Replications
......................... AD05 passed test Replications
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Schema,CN=Configuration,DC=hkcec,DC=nws
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Schema,CN=Configuration,DC=hkcec,DC=nws
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Configuration,DC=hkcec,DC=nws
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Configuration,DC=hkcec,DC=nws
......................... AD05 failed test NCSecDesc
Starting test: NetLogons
......................... AD05 passed test NetLogons
Starting test: Advertising
......................... AD05 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... AD05 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... AD05 passed test RidManager
Starting test: MachineAccount
......................... AD05 passed test MachineAccount
Starting test: Services
......................... AD05 passed test Services
Starting test: ObjectsReplicated
......................... AD05 passed test ObjectsReplicated
Starting test: frssysvol
......................... AD05 passed test frssysvol
Starting test: frsevent
......................... AD05 passed test frsevent
Starting test: kccevent
......................... AD05 passed test kccevent
Starting test: systemlog
......................... AD05 passed test systemlog
Starting test: VerifyReferences
......................... AD05 passed test VerifyReferences
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : hkcec
Starting test: CrossRefValidation
......................... hkcec passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... hkcec passed test CheckSDRefDom
Running enterprise tests on : hkcec.nws
Starting test: Intersite
......................... hkcec.nws passed test Intersite
Starting test: FsmoCheck
......................... hkcec.nws passed test FsmoCheck
C:\Documents and Settings\Administrator.HKCEC>
DCDIAG RESULT
AD06(running on win2k3 with exchange 2003 insalled) C:\Documents and
Settings\Administrator.HKCEC>dcdiag /s:ad06
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\AD06
Starting test: Connectivity
......................... AD06 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\AD06
Starting test: Replications
......................... AD06 passed test Replications
Starting test: NCSecDesc
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Schema,CN=Configuration,DC=hkcec,DC=nws
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Schema,CN=Configuration,DC=hkcec,DC=nws
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Configuration,DC=hkcec,DC=nws
Error BUILTIN\Administrators doesn't have
Replicating Directory Changes All
access rights for the naming context:
CN=Configuration,DC=hkcec,DC=nws
......................... AD06 failed test NCSecDesc
Starting test: NetLogons
......................... AD06 passed test NetLogons
Starting test: Advertising
......................... AD06 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... AD06 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... AD06 passed test RidManager
Starting test: MachineAccount
......................... AD06 passed test MachineAccount
Starting test: Services
......................... AD06 passed test Services
Starting test: ObjectsReplicated
......................... AD06 passed test ObjectsReplicated
Starting test: frssysvol
......................... AD06 passed test frssysvol
Starting test: frsevent
......................... AD06 passed test frsevent
Starting test: kccevent
......................... AD06 passed test kccevent
Starting test: systemlog
......................... AD06 passed test systemlog
Starting test: VerifyReferences
......................... AD06 passed test VerifyReferences
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test
CheckSDRefDom
Running partition tests on : hkcec
Starting test: CrossRefValidation
......................... hkcec passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... hkcec passed test CheckSDRefDom
Running enterprise tests on : hkcec.nws
Starting test: Intersite
......................... hkcec.nws passed test Intersite
Starting test: FsmoCheck
......................... hkcec.nws passed test FsmoCheck
NETDIAG RESULT (running on win2k3 with exchange 2003 insalled)
C:\Documents and Settings\Administrator.HKCEC>netdiag /d:hkcec.nws
...................................
Computer Name: MAIL01
DNS Host Name: mail01.hkcec.nws
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 6 Stepping 8, GenuineIntel
List of installed hotfixes :
KB819696
KB822925
KB823182
KB823559
KB823728
KB823980
KB824105
KB824141
KB824145
KB824146
KB825119
KB828028
KB828035
KB828741
KB828750
KB830352
KB831464
KB832894
KB835732
KB837001
KB837009
KB837272
KB840374
KB893803v2
Q147222
Q828026
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection 4
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : mail01
IP Address . . . . . . . . : 10.0.0.16
Subnet Mask. . . . . . . . : 255.255.252.0
Default Gateway. . . . . . : 10.0.0.2
Dns Servers. . . . . . . . : 10.0.0.63
10.0.0.68
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Failed
No gateway reachable for this adapter.
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{1685F764-98AF-4F78-B7A4-0ACC841B66CF}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation
Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{1685F764-98AF-4F78-B7A4-0ACC841B66CF}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{1685F764-98AF-4F78-B7A4-0ACC841B66CF}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
.
- Follow-Ups:
- RE: error found after dc demote
- From: Patrick
- RE: error found after dc demote
- References:
- RE: error found after dc demote
- From: Patrick
- RE: error found after dc demote
- Prev by Date: RE: error found after dc demote
- Next by Date: RE: error found after dc demote
- Previous by thread: RE: error found after dc demote
- Next by thread: RE: error found after dc demote
- Index(es):
Relevant Pages
|
