One way replication
- From: Ward D. Cook <WardDCook@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 26 May 2005 12:02:02 -0700
I have an interesting situation and was wondering if someone might be able to
help me out. I have two Active Directory Domain Controllers. One is a
Windows 2000 Service Pack 4 machine and one is a Windows Server 2003 box (no
SP1 yet, but I am planning on installing it shortly!). We are in the process
of transferring everything to the new Windows 2003 box and decommissioning
the Windows 2000 Server. Before I can do that though, I wanted to do a health
check on my servers. When I went into Sites and Services on my W2K3 box and
forced AD replication, I got no errors. When I went into my Win2K box and did
the same thing, I got an Access Denied error message. So I have done some
troubleshooting. I am posting my DCDiag logs and Netdiag logs. I also tried
to map a drive to the new Windows 2003 box and get the error message "Target
account name is incorrect". Does anyone have any suggestions to help me
resolve this issue? I will have the DCDiag and Netdiag log files for the W2K3
box shortly.
Thanks!
Ward D. Cook
DCDiag log file (from W2K box)
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Connectivity
......................... SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER
Starting test: Replications
[Replications Check,SERVER] A recent replication attempt failed:
From STLRBCALPHA to SERVER
Naming Context: CN=Schema,CN=Configuration,DC=stlrcga,DC=org
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-05-26 12:59.34.
The last success occurred at 2005-04-15 02:51.44.
967 failures have occurred since the last success.
[STLRBCALPHA] DsBind() failed with error -2146893022,
The target principal name is incorrect..
[Replications Check,SERVER] A recent replication attempt failed:
From STLRBCALPHA to SERVER
Naming Context: CN=Configuration,DC=stlrcga,DC=org
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-05-26 12:59.34.
The last success occurred at 2005-04-15 02:51.44.
1699 failures have occurred since the last success.
[Replications Check,SERVER] A recent replication attempt failed:
From STLRBCALPHA to SERVER
Naming Context: DC=stlrcga,DC=org
The replication generated an error (5):
Access is denied.
The failure occurred at 2005-05-26 13:32.39.
The last success occurred at 2005-04-15 03:12.10.
52696 failures have occurred since the last success.
......................... SERVER passed test Replications
Starting test: NCSecDesc
......................... SERVER passed test NCSecDesc
Starting test: NetLogons
......................... SERVER passed test NetLogons
Starting test: Advertising
......................... SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Warning: STLRBCALPHA is the Domain Owner, but is not responding to
DS RPC Bind.
[STLRBCALPHA] LDAP bind failed with error 31,
A device attached to the system is not functioning..
Warning: STLRBCALPHA is the Domain Owner, but is not responding to
LDAP Bind.
Warning: STLRBCALPHA is the PDC Owner, but is not responding to DS
RPC Bind.
Warning: STLRBCALPHA is the PDC Owner, but is not responding to
LDAP Bind.
Warning: STLRBCALPHA is the Rid Owner, but is not responding to DS
RPC Bind.
Warning: STLRBCALPHA is the Rid Owner, but is not responding to
LDAP Bind.
Warning: STLRBCALPHA is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: STLRBCALPHA is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... SERVER failed test KnowsOfRoleHolders
Starting test: RidManager
[SERVER] DsBindWithCred() failed with error -2146893022. The target
principal name is incorrect.
......................... SERVER failed test RidManager
Starting test: MachineAccount
......................... SERVER passed test MachineAccount
Starting test: Services
IsmServ Service is stopped on [SERVER]
SMTPSVC Service is stopped on [SERVER]
......................... SERVER failed test Services
Starting test: ObjectsReplicated
......................... SERVER passed test ObjectsReplicated
Starting test: frssysvol
There are errors after the SYSVOL has been shared.
The SYSVOL can prevent the AD from starting.
......................... SERVER passed test frssysvol
Starting test: kccevent
......................... SERVER passed test kccevent
Starting test: systemlog
......................... SERVER passed test systemlog
Running enterprise tests on : stlrcga.org
Starting test: Intersite
......................... stlrcga.org passed test Intersite
Starting test: FsmoCheck
......................... stlrcga.org passed test FsmoCheck
Netdiag Log 1 (from W2K box)
.......................................
Computer Name: SERVER
DNS Host Name: server.stlrcga.org
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 3, GenuineIntel
List of installed hotfixes :
KB819696
KB820888
KB822831
KB823182
KB823559
KB824105
KB824151
KB825119
KB826232
KB828035
KB828741
KB828749
KB830352
KB835732
KB837001
KB839643
KB839645
KB840315
KB840987
KB841356
KB841533
KB841872
KB841873
KB842526
KB842773
KB867282-IE6SP1-20050127.163319
KB870763
KB871250
KB873333
KB873339
KB885250
KB885834
KB885835
KB885836
KB888113
KB890047
KB890175
KB890859
KB890923-IE6SP1-20050225.103456
KB891711
KB891781
KB893066
KB893086
KB893803
KB893803v2
KB894320
Q147222
Q816093
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : server
IP Address . . . . . . . . : 10.0.0.1
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.0.0.254
Dns Servers. . . . . . . . : 10.0.0.20
10.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.0.0.20' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'10.0.0.1' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'RCGA' is to '\\stlrbcalpha.stlrcga.org'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC 'server.stlrcga.org'.
[WARNING] Failed to query SPN registration on DC
'stlrbcalpha.stlrcga.org'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
NetDiag Log 2 (from W2K box)
.......................................
Computer Name: SERVER
DNS Host Name: server.stlrcga.org
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 3, GenuineIntel
List of installed hotfixes :
KB819696
KB820888
KB822831
KB823182
KB823559
KB824105
KB824151
KB825119
KB826232
KB828035
KB828741
KB828749
KB830352
KB835732
KB837001
KB839643
KB839645
KB840315
KB840987
KB841356
KB841533
KB841872
KB841873
KB842526
KB842773
KB867282-IE6SP1-20050127.163319
KB870763
KB871250
KB873333
KB873339
KB885250
KB885834
KB885835
KB885836
KB888113
KB890047
KB890175
KB890859
KB890923-IE6SP1-20050225.103456
KB891711
KB891781
KB893066
KB893086
KB893803
KB893803v2
KB894320
Q147222
Q816093
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : server
IP Address . . . . . . . . : 10.0.0.1
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.0.0.254
Dns Servers. . . . . . . . : 10.0.0.20
10.0.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.0.0.20' and other DCs also have some of the names registered.
PASS - All the DNS entries for DC are registered on DNS server
'10.0.0.1' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{5EFD4C6A-3947-4EB9-96FC-15F076FBF250}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
[WARNING] Cannot call DsBind to stlrbcalpha.stlrcga.org (10.0.0.20).
[SEC_E_WRONG_PRINCIPAL]
Trust relationship test. . . . . . : Passed
[WARNING] Don't have access to test your domain sid for domain 'RCGA'.
[Test skipped]
Secure channel for domain 'RCGA' is to '\\stlrbcalpha.stlrcga.org'.
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
'stlrbcalpha.stlrcga.org'.
[WARNING] Failed to query SPN registration on DC 'server.stlrcga.org'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
.
- Follow-Ups:
- Re: One way replication
- From: SPollack
- Re: One way replication
- Prev by Date: Bizarre LDAP referral behavior in Windows 2003 AD
- Next by Date: Can I restore a ADAM from bkf file??
- Previous by thread: Bizarre LDAP referral behavior in Windows 2003 AD
- Next by thread: Re: One way replication
- Index(es):
Relevant Pages
|
