NETDIAG problem - SPN queries
- From: Neko- <neko-@xxxxxxxxx>
- Date: Wed, 1 Oct 2008 04:42:12 -0700 (PDT)
Using NETDIAG I found 3 errors on my Windows 2000 Domain Controller:
The first:
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working
because it has not received any packets.
I'm expecting this is related to the running RRAS services on there.
They're not used anymore, so I'm seriously contemplating taking those
off anyway. Can't find the device in the device list, and of what I
could find on the net it's not really a problematic notice.
The second:
AutoConfiguration results. . . . . . : Failed
[WARNING] AutoConfiguration is in use. DHCP not available.
and a bit further down in the log:
Autonet address test . . . . . . . : Failed
[FATAL] All adapters are autoconfigured.
The DHCP servers are unreachable. Please check cables, hubs, and
taps.
The DHCP server is a hardware box on our network. I know it works, and
I know the server can reach it. The reason however for it to try for
DHCP is unknown, since it has a fixed IP adres set. I'm considering
this error to be ignorable. There is only one LAN card, and as stated:
it's not running DHCP.
Then we get the third (and possibly most annoying) problem:
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
'SERVER1.DOMAIN.INTERNAL'.
[WARNING] Failed to query SPN registration on DC
'SERVER2.DOMAIN.INTERNAL'.
I found quite a few people running into this problem through a search
engine, but no real follow-ups or solutions on it... Except one page
that mentioned a Microsoft utility called SETSPN.EXE
Now with that utility the SPN (ServicePrincipalNames) can be verified
or even reset if needed.
First off: a list of the SPN's on the machine:
Registered ServicePrincipalNames for CN=SERVER1,OU=Domain
Controllers,DC=DOMAIN,DC=INTERNALAL:
MSSQLSvc/SERVER1.DOMAIN.INTERNAL:1433
SMTPSVC/SERVER1
SMTPSVC/SERVER1.DOMAIN.INTERNAL
NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/SERVER1.DOMAIN.INTERNAL
GC/SERVER1.DOMAIN.INTERNAL/DOMAIN.INTERNAL
HOST/SERVER1.DOMAIN.INTERNAL/DOMIN
HOST/SERVER1
HOST/SERVER1.DOMAIN.INTERNAL
HOST/SERVER1.DOMAIN.INTERNAL/DOMAIN.INTERNAL
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b0b58c0-8a12-4906-
b856-5771f3505e43/DOMAIN.INTERNAL
LDAP/7b0b58c0-8a12-4906-b856-5771f3505e43._msdcs.DOMAIN.INTERNAL
LDAP/SERVER1.DOMAIN.INTERNAL/DOMIN
LDAP/SERVER1
LDAP/SERVER1.DOMAIN.INTERNAL
LDAP/SERVER1.DOMAIN.INTERNAL/DOMAIN.INTERNAL
DNS/SERVER1.DOMAIN.INTERNAL
Now when I try to reset this to the required settings through the
command SETSPN -R SERVER1, the following error appears:
Failed to crack name DOMIN\SERVER1 into the FQDN, (0) 1 0x2
When I try to ping the machine using it's name (SERVER1), it's FQDN
(SERVER1.DOMAIN.INTERNAL) or even it's full FQDN
(SERVER1.DOMAIN.INTERNAL.) it works normally. The IP is resolved and
no real issues are present. Using the FQDN to run the command (SETSPN -
R SERVER1.DOMAIN.INTERNAL) tells me it couldn't find the account
SERVER1.DOMAIN.INTERNAL.
Anyone have any idea if the SPN's listed are correct or not, or what
specifically might be the cause of my root problem (the warnings), or
even how to get SETSPN.EXE to run properly with the re-create switch?
.
- Follow-Ups:
- Re: NETDIAG problem - SPN queries
- From: Meinolf Weber
- Re: NETDIAG problem - SPN queries
- Next by Date: Re: NETDIAG problem - SPN queries
- Next by thread: Re: NETDIAG problem - SPN queries
- Index(es):
Relevant Pages
|
