Re: multiple errors in Active Directory
- From: "Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 6 Feb 2006 13:29:45 -0800
No drive or registry permissions have been altered in the past. All hotfixes
and updates are up to date. Here's the ipconfig info. I'll also post the
Event IDs below.
Windows IP Configuration:
Host name..............................shs2003server
Primary DNS suffix...................sutherlin.k12.or.us
Node type...............................unknown
IP Routing Enabled..................no
WINS proxy enabled................no
DNS suffix search list...............sutherlin.k12.or.us
k12.or.us
or.us
Ethernet Adapter Local Area Connection:
Connection-specific DNS suffix:
Description..................................................Realtek RTL8139
Family PCI
Physical address.........................................00-11-D8-08-64-58
DHCP Enabled............................................no
IP Address.................................................10.30.0.10
Subnet mask..............................................255.255.0.0
Default gateway.........................................10.30.0.1
DNS Servers..............................................10.30.0.10
172.16.0.2
172.16.0.3
-------------------------------------------------------------------------------------------- Windows IP Configuration:
Host name..............................sutherlin-web
Primary DNS suffix...................sutherlin.k12.or.us
Node type...............................unknown
IP Routing Enabled..................no
WINS proxy enabled................no
DNS suffix search list...............sutherlin.k12.or.us
k12.or.us
or.us
Ethernet Adapter Local Area Connection:
Connection-specific DNS suffix:
Description..................................................Intel Pro 1000
Physical address.........................................00-30-48-29-0A-6A
DHCP Enabled............................................no
IP Address.................................................10.30.0.12
Subnet mask..............................................255.255.0.0
Default gateway.........................................10.30.0.1
DNS Servers..............................................10.30.0.10
--------------------------------------------------------------------------------------------
Windows IP Configuration:
Host name..............................sutherlin-win3
Primary DNS suffix...................sutherlin.k12.or.us
Node type...............................unknown
IP Routing Enabled..................no
WINS proxy enabled................no
DNS suffix search list...............sutherlin.k12.or.us
k12.or.us
or.us
Ethernet Adapter Local Area Connection:
Connection-specific DNS suffix:
Description..................................................Intel Pro 1000
Physical address.........................................00-30-48-2D-AA-22
DHCP Enabled............................................no
IP Address.................................................10.30.0.14
Subnet mask..............................................255.255.0.0
Default gateway.........................................10.30.0.1
DNS Servers..............................................10.30.0.10
--------------------------------------------------------------------------------------------
Event id 5719 Source: Netlogon
This computer was not able to set up a secure session with a domain
controller in domain WESTINTERMED due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is
connected to the network. If the problem persists, please contact your domain
administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up
the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain
controller in the specified domain.
------------------------------------------------------------------------------------
Event Id 8003 Source: MrxSmb
The master browser has received a server announcement from the computer
SUTHERLIN-WIN3 that believes that it is the master browser for the domain on
transport NwlnkNb. The master browser is stopping or an election is being
forced.
------------------------------------------------------------------------------------
Event id 8009 Source BROWSER
The browser was unable to promote itself to master browser. The computer
that currently believes it is the master browser is SUTHERLIN-WIN3.
-----------------------------------------------------------------------------------
Event id 1419 Source: NTDS General
The local domain controller is both a global catalog and the infrastructure
operations master. These two roles are not compatible.
If another domain controller exists in the domain, it should be made the
infrastructure operations master. The following domain controller is a good
candidate for this role.
Domain controller:
CN=NTDS
Settings,CN=SUTHERLIN-WIN3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sutherlin,DC=k12,DC=or,DC=
If all domain controllers in this domain are global catalogs, then there are
no infrastructure update tasks to complete, and this message might be ignored.
---------------------------------------------------------------------------------
Event id 1925 Source Event KCC
The attempt to establish a replication link for the following writable
directory partition failed.
Directory partition:
CN=Configuration,DC=sutherlin,DC=k12,DC=or,DC=us
Source domain controller:
CN=NTDS
Settings,CN=SUTHERLIN-WIN3,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=sutherlin,DC=k12,DC=or,DC=
Source domain controller address:
2e1294c0-0826-4dfc-bd77-78dd6c903628._msdcs.sutherlin.k12.or.us
Intersite transport (if any):
This domain controller will be unable to replicate with the source domain
controller until this problem is corrected.
User Action
Verify if the source domain controller is accessible or network connectivity
is available.
Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
--------------------------------------------------------------------------------------------
Event id 50 Source: W32time
The time service detected a time difference of greater than 5000
milliseconds for 900 seconds. The time difference might be caused by
synchronization with low-accuracy time sources or by suboptimal network
conditions. The time service is no longer synchronized and cannot provide the
time to other clients or update the system clock. When a valid time stamp is
received from a time service provider, the time service will correct itself.
----------------------------------------------------------------------------------------
Event id 6702 Source: DNS
DNS server has updated its own host (A) records. In order to ensure that
its DS-integrated peer DNS servers are able to replicate with this server, an
attempt was made to update them with the new records through dynamic update.
An error was encountered during this update, the record data is the error
code.
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
If this DNS server's Active Directory replication partners do not have the
correct IP address(es) for this server, they will be unable to replicate with
it.
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS
server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this
server.
5) If there are no A records for this server, add at least one A record
corresponding to an address on this server, that the replication partner can
contact. (In other words, if there multiple IP addresses for this DNS
server, add at least one that is on the same network as the Active Directory
DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner. It is
only necessary that the records are fixed up on enough replication partners
so that every server that replicates with this server will receive (through
replication) the new data.
--------------------------------------------------------------------------------------------
Event id 13508 Source: NTFrs
The File Replication Service is having trouble enabling replication from
SUTHERLIN-WIN3 to SHS2003SERVER for c:\windows\sysvol\domain using the DNS
name sutherlin-win3.sutherlin.k12.or.us. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name
sutherlin-win3.sutherlin.k12.or.us from this computer.
[2] FRS is not running on sutherlin-win3.sutherlin.k12.or.us.
[3] The topology information in the Active Directory for this replica has
not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem
is fixed you will see another event log message indicating that the
connection has been established.
---------------------------------------------------------------------------------------------
Event id 202 Source: License service
The product Windows Server is out of licenses. Use Licensing from the
Administrative Tools folder for more information on which users are out of
compliance and how many licenses should be purchased.
-----------------------------------------------------------------------------------------------
Event id 1085 Source: Userenv
The Group Policy client-side extension Folder Redirection failed to execute.
Please look for any errors reported earlier by that extension.
-------------------------------------------------------------------------------------------
Event id 107 Source: folder redirection
Failed to perform redirection of folder My Documents. The folder is
configured to be redirected from <C:\Documents and Settings\Administrator\My
Documents> to <>. The following error occurred:
The specified path is invalid.
---------------------------------------------------------------------------------------------
"Ace Fekay [MVP]" wrote:
In news:48CEF982-BA83-46E4-8B2B-DB8251EAB3E0@xxxxxxxxxxxxx,.
Gilbert <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx> stated, which I commented on
below:
I tried NLTEST /sc_reset:domain.com on the main DC and I got this
error: NetLogonControl failed: status = 1355 0x54b
error_no_such_domain
Gilbert,
I noticed you multi-posted this to this group and the DNS group. I replied
there, but we'll keep the thread going here since this is an AD/DNS issue.
In the future, it would be to yours and our benefit if cross-posted, but I
realize that is impossible using the web-based access to this group, which
you used. May I suggest to use Outlook Express? See my signature below for
more info on OEx.
Anyway, here's what I asked over in that group:
Can you post an unedited ipconfig /all of SHS2003SERVER and SUTHERLIN-WEB
and sutherlin-win3 please? If you have any other DCs that are replication in
the sutherlin.k12.or.us domain, please post them as well. Let's start with
this and work from there.
Also, have any of the drive or registry permissions been altered in the past
(for security reasons) on these DCs?
Hotfixes and updates upto date? If permissions have been changed, and you've
installed all available hotfixes, this can be the whole issue. MOre on that
depending on your response.
Lastly, what Event log errors are you getting? Please post the Event ID #s
and the "Source" name.
Thanks,
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
Not sure how? It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Assimilation Imminent. Resistance is Futile.
Infinite Diversities in Infinite Combinations.
The only thing in life is change. Anything less is a blackhole consuming
unnecessary energy.
===========================
- Follow-Ups:
- Re: multiple errors in Active Directory
- From: Ace Fekay [MVP]
- Re: multiple errors in Active Directory
- From: Ace Fekay [MVP]
- Re: multiple errors in Active Directory
- References:
- multiple errors in Active Directory
- From: Gilbert
- Re: multiple errors in Active Directory
- From: Paul Williams [MVP]
- Re: multiple errors in Active Directory
- From: Ace Fekay [MVP]
- multiple errors in Active Directory
- Prev by Date: Re: Add users to local admin via login script
- Next by Date: RE: Replication errors/ LDAP won't bind
- Previous by thread: Re: multiple errors in Active Directory
- Next by thread: Re: multiple errors in Active Directory
- Index(es):
Relevant Pages
|
