Re: active directory replication
- From: "rodge" <rodge@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 21 Jan 2006 07:24:21 -0800
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine maindc, is a DC.
* Connecting to directory service on server maindc.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 29 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Main\MAINDC
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... MAINDC passed test Connectivity
Doing primary tests
Testing server: Main\MAINDC
Starting test: Replications
* Replications Check
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
MAINDC: Current time is 2006-01-21 10:04:41.
CN=Schema,CN=Configuration,DC=func,DC=com
Last replication recieved from SMITHSBURG at 2006-01-20
05:59:09.
Latency information for 31 entries in the vector were ignored.
31 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=func,DC=com
Last replication recieved from SMITHSBURG at 2006-01-20
05:59:05.
Latency information for 31 entries in the vector were ignored.
31 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=func,DC=com
Last replication recieved from SMITHSBURG at 2006-01-20
05:59:12.
Latency information for 29 entries in the vector were ignored.
29 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=ForestDnsZones,DC=func,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=func,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
REPLICATION-RECEIVED LATENCY WARNING
Source site:
CN=NTDS Site
Settings,CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
Current time: 2006-01-21 10:04:41
Last update time: 2006-01-20 05:52:02
Check if source site has an elected ISTG running.
Check replication from source site to this server.
......................... MAINDC passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=func,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=func,DC=com
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=func,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=func,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=func,DC=com
(Domain,Version 2)
......................... MAINDC passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... MAINDC passed test NetLogons
Starting test: Advertising
The DC MAINDC is advertising itself as a DC and having a DS.
The DC MAINDC is advertising as an LDAP server
The DC MAINDC is advertising as having a writeable directory
The DC MAINDC is advertising as a Key Distribution Center
The DC MAINDC is advertising as a time server
......................... MAINDC passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
Role Domain Owner = CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
Role PDC Owner = CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
Role Rid Owner = CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
......................... MAINDC passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 35105 to 1073741823
* maindc.func.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 33605 to 34104
* rIDPreviousAllocationPool is 33605 to 34104
* rIDNextRID: 33615
......................... MAINDC passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/maindc.func.com/func.com
* SPN found :LDAP/maindc.func.com
* SPN found :LDAP/MAINDC
* SPN found :LDAP/maindc.func.com/FUNC
* SPN found
:LDAP/5079dbb1-ebb0-4c86-acef-839d2b0813f9._msdcs.func.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/5079dbb1-ebb0-4c86-acef-839d2b0813f9/func.com
* SPN found :HOST/maindc.func.com/func.com
* SPN found :HOST/maindc.func.com
* SPN found :HOST/MAINDC
* SPN found :HOST/maindc.func.com/FUNC
* SPN found :GC/maindc.func.com/func.com
......................... MAINDC passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... MAINDC passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
MAINDC is in domain DC=func,DC=com
Checking for CN=MAINDC,OU=Domain Controllers,DC=func,DC=com in
domain DC=func,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com in domain CN=Configuration,DC=func,DC=com on 1 servers
Object is up-to-date on all servers.
......................... MAINDC passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... MAINDC passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may
cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 01/21/2006 01:03:40
(Event String could not be retrieved)
......................... MAINDC failed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x8000061E
Time Generated: 01/21/2006 09:51:57
Event String: All domain controllers in the following site that
can replicate the directory partition over this
transport are currently unavailable.
Site:
CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
Directory partition:
DC=func,DC=com
Transport:
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=func,DC=com
An Error Event occured. EventID: 0xC000051F
Time Generated: 01/21/2006 09:51:57
Event String: The Knowledge Consistency Checker (KCC) has
detected problems with the following directory
partition.
Directory partition:
DC=func,DC=com
There is insufficient site connectivity
information in Active Directory Sites and
Services for the KCC to create a spanning tree
replication topology. Or, one or more domain
controllers with this directory partition are
unable to replicate the directory partition
information. This is probably due to inaccessible
domain controllers.
User Action
Use Active Directory Sites and Services to
perform one of the following actions:
- Publish sufficient site connectivity
information so that the KCC can determine a route
by which this directory partition can reach this
site. This is the preferred option.
- Add a Connection object to a domain controller
that contains the directory partition in this
site from a domain controller that contains the
same directory partition in another site.
If neither of the Active Directory Sites and
Services tasks correct this condition, see
previous events logged by the KCC that identify
the inaccessible domain controllers.
An Warning Event occured. EventID: 0x80000749
Time Generated: 01/21/2006 09:51:57
Event String: The Knowledge Consistency Checker (KCC) was
unable to form a complete spanning tree network
topology. As a result, the following list of
sites cannot be reached from the local site.
Sites:
CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
An Warning Event occured. EventID: 0x8000061E
Time Generated: 01/21/2006 09:51:57
Event String: All domain controllers in the following site that
can replicate the directory partition over this
transport are currently unavailable.
Site:
CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
Directory partition:
CN=Configuration,DC=func,DC=com
Transport:
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=func,DC=com
An Error Event occured. EventID: 0xC000051F
Time Generated: 01/21/2006 09:51:57
Event String: The Knowledge Consistency Checker (KCC) has
detected problems with the following directory
partition.
Directory partition:
CN=Configuration,DC=func,DC=com
There is insufficient site connectivity
information in Active Directory Sites and
Services for the KCC to create a spanning tree
replication topology. Or, one or more domain
controllers with this directory partition are
unable to replicate the directory partition
information. This is probably due to inaccessible
domain controllers.
User Action
Use Active Directory Sites and Services to
perform one of the following actions:
- Publish sufficient site connectivity
information so that the KCC can determine a route
by which this directory partition can reach this
site. This is the preferred option.
- Add a Connection object to a domain controller
that contains the directory partition in this
site from a domain controller that contains the
same directory partition in another site.
If neither of the Active Directory Sites and
Services tasks correct this condition, see
previous events logged by the KCC that identify
the inaccessible domain controllers.
An Warning Event occured. EventID: 0x80000749
Time Generated: 01/21/2006 09:51:57
Event String: The Knowledge Consistency Checker (KCC) was
unable to form a complete spanning tree network
topology. As a result, the following list of
sites cannot be reached from the local site.
Sites:
CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
An Warning Event occured. EventID: 0x80000785
Time Generated: 01/21/2006 09:52:18
Event String: The attempt to establish a replication link for
the following writable directory partition
failed.
Directory partition:
DC=func,DC=com
Source domain controller:
CN=NTDS
Settings,CN=SMITHSBURG,CN=Servers,CN=Smithsburg,CN=Sites,CN=Configuration,DC=func,DC=com
Source domain controller address:
cc1015f9-6a43-4453-87f7-ca841faec694._msdcs.func.com
Intersite transport (if any):
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=func,DC=com
This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.
User Action
Verify if the source domain controller is
accessible or network connectivity is available.
Additional Data
Error value:
1722 The RPC server is unavailable.
......................... MAINDC failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... MAINDC passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=MAINDC,OU=Domain Controllers,DC=func,DC=com and backlink on
CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=MAINDC,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=func,DC=com
and backlink on CN=MAINDC,OU=Domain Controllers,DC=func,DC=com are
correct.
The system object reference (serverReferenceBL)
CN=MAINDC,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=func,DC=com
and backlink on
CN=NTDS
Settings,CN=MAINDC,CN=Servers,CN=Main,CN=Sites,CN=Configuration,DC=func,DC=com
are correct.
......................... MAINDC passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : func
Starting test: CrossRefValidation
......................... func passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... func passed test CheckSDRefDom
Running enterprise tests on : func.com
Starting test: Intersite
Skipping site Belair, this site is outside the scope provided by the
command line arguments provided.
Skipping site Moorefield, this site is outside the scope provided by
the command line arguments provided.
Skipping site EdwinMiller, this site is outside the scope provided by
the command line arguments provided.
Skipping site Tritowns, this site is outside the scope provided by
the
command line arguments provided.
Skipping site Centercity, this site is outside the scope provided by
the command line arguments provided.
Skipping site Hagoakfirst, this site is outside the scope provided by
the command line arguments provided.
Skipping site Barton, this site is outside the scope provided by the
command line arguments provided.
Skipping site SBerkeley, this site is outside the scope provided by
the command line arguments provided.
Skipping site MBurgOakFirst, this site is outside the scope provided
by the command line arguments provided.
Skipping site Sabraton, this site is outside the scope provided by
the
command line arguments provided.
Skipping site SFoxcroft, this site is outside the scope provided by
the command line arguments provided.
Skipping site Starcity, this site is outside the scope provided by
the
command line arguments provided.
Skipping site Martinsburg, this site is outside the scope provided by
the command line arguments provided.
Skipping site Potomac, this site is outside the scope provided by the
command line arguments provided.
Skipping site Littman, this site is outside the scope provided by the
command line arguments provided.
Skipping site Keyser, this site is outside the scope provided by the
command line arguments provided.
Skipping site Lake, this site is outside the scope provided by the
command line arguments provided.
Skipping site Grantsville, this site is outside the scope provided by
the command line arguments provided.
Skipping site Friendsville, this site is outside the scope provided
by
the command line arguments provided.
Skipping site Frostburg, this site is outside the scope provided by
the command line arguments provided.
Skipping site Whiteoaks, this site is outside the scope provided by
the command line arguments provided.
Skipping site Hagerstown, this site is outside the scope provided by
the command line arguments provided.
Skipping site Smithsburg, this site is outside the scope provided by
the command line arguments provided.
Skipping site Ballenger, this site is outside the scope provided by
the command line arguments provided.
Skipping site Riverside, this site is outside the scope provided by
the command line arguments provided.
Skipping site Myersville, this site is outside the scope provided by
the command line arguments provided.
Skipping site Main, this site is outside the scope provided by the
command line arguments provided.
......................... func.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\midtowns.func.com
Locator Flags: 0xe00001fc
PDC Name: \\maindc.func.com
Locator Flags: 0xe00003f9
Time Server Name: \\maindc.func.com
Locator Flags: 0xe00003f9
Preferred Time Server Name: \\maindc.func.com
Locator Flags: 0xe00003f9
KDC Name: \\maindc.func.com
Locator Flags: 0xe00003f9
......................... func.com passed test FsmoCheck
.
- References:
- Re: active directory replication
- From: Herb Martin
- Re: active directory replication
- From: rodge
- Re: active directory replication
- From: Herb Martin
- Re: active directory replication
- Prev by Date: Re: Uninstall software with Group Policy
- Next by Date: Re: Best Domain Model for this
- Previous by thread: Re: active directory replication
- Next by thread: Re: active directory replication
- Index(es):
Relevant Pages
|
