Re: Errors on First DC in domain , want to move roles but can't.
- From: "Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx>
- Date: Fri, 25 Aug 2006 17:08:48 +0100
KDC errors. check if Time server is Sync, and/or reset the DC account.
It also seems that you're right on the limit of 60 Days of replication ythis
can be a problem?
Post the results for repadmin /showreps
Also check DNs configuration
- can this server resolve the FQDN of the other servers?
- Is this server a DNS server?
- Can you post here the results for ipconfig /all?
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
"Johan" <Johan @discussions.microsoft.com> wrote in message
news:4E2F0D3A-6636-4EB3-B161-B7B1C37459E9@xxxxxxxxxxxxxxxx
Hi all , below is a error that im getting on DCDIAG for this domain, im
trying to move the domain roles away from the primary DC to other DC's but
it
keeps failing. I don't want to force a role change but i would like to see
if
i can save the original DC before i do a drastic move.
DC Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial non skippeable tests
Testing server: Default-First-Site-Name\KALAHARIDC
Starting test: Connectivity
*** Warning: could not confirm the identity of this server in
the directory versus the names returned by DNS servers.
If there are problems accessing this directory server then
you may need to check that this server is correctly
registered
with DNS
......................... KALAHARIDC passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\KALAHARIDC
Starting test: Replications
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From NDIBDC01 to KALAHARIDC
Naming Context:
CN=Schema,CN=Configuration,DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 14:59.58.
The last success occurred at 2006-06-23 10:19.09.
56 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From KALFS01 to KALAHARIDC
Naming Context:
CN=Schema,CN=Configuration,DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 14:59.58.
The last success occurred at 2006-06-23 10:19.09.
60 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From NDIBDC01 to KALAHARIDC
Naming Context: CN=Configuration,DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 15:25.36.
The last success occurred at 2006-08-23 10:46.02.
506 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From KALFS01 to KALAHARIDC
Naming Context: CN=Configuration,DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 15:26.41.
The last success occurred at 2006-06-23 10:33.12.
460 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From NDIBDC01 to KALAHARIDC
Naming Context: DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 15:33.58.
The last success occurred at 2006-08-23 10:43.32.
840 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
[Replications Check,KALAHARIDC] A recent replication attempt
failed:
From KALFS01 to KALAHARIDC
Naming Context: DC=kalaharinet,DC=local
The replication generated an error (1326):
Logon failure: unknown user name or bad password.
The failure occurred at 2006-08-25 15:35.20.
The last success occurred at 2006-08-23 10:44.15.
1131 failures have occurred since the last success.
Kerberos Error.
The machine account is not present, or does not match on the.
destination, source or KDC servers.
Verify domain partition of KDC is in sync with rest of
enterprise.
The tool repadmin/syncall can be used for this purpose.
......................... KALAHARIDC passed test Replications
Starting test: NCSecDesc
......................... KALAHARIDC passed test NCSecDesc
Starting test: NetLogons
[KALAHARIDC] An net use or LsaPolicy operation failed with error
52, A duplicate name exists on the network..
......................... KALAHARIDC failed test NetLogons
Starting test: Advertising
Fatal Error:DsGetDcName (KALAHARIDC) call failed, error 1722
The Locator could not find the server.
......................... KALAHARIDC failed test Advertising
Starting test: KnowsOfRoleHolders
......................... KALAHARIDC passed test
KnowsOfRoleHolders
Starting test: RidManager
......................... KALAHARIDC passed test RidManager
Starting test: MachineAccount
Could not open pipe with [KALAHARIDC]:failed with 52: A duplicate
name exists on the network.
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
* Missing SPN :(null)
* Missing SPN :(null)
......................... KALAHARIDC failed test MachineAccount
Starting test: Services
Could not open Remote ipc to [KALAHARIDC]:failed with 52: A
duplicate name exists on the network.
......................... KALAHARIDC failed test Services
Starting test: ObjectsReplicated
......................... KALAHARIDC passed test ObjectsReplicated
Starting test: frssysvol
[KALAHARIDC] An net use or LsaPolicy operation failed with error
52, A duplicate name exists on the network..
......................... KALAHARIDC failed test frssysvol
Starting test: kccevent
Failed to enumerate event log records, error A duplicate name
exists on the network.
......................... KALAHARIDC failed test kccevent
Starting test: systemlog
Failed to enumerate event log records, error A duplicate name
exists on the network.
......................... KALAHARIDC failed test systemlog
Running enterprise tests on : kalaharinet.local
Starting test: Intersite
......................... kalaharinet.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1722
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed,
error
1722
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722
A KDC could not be located - All the KDCs are down.
......................... kalaharinet.local failed test FsmoCheck
.
- Prev by Date: Re: Password must meet complexity requirements
- Next by Date: Re: Connecting between non-trusted AD' s
- Previous by thread: How to query all users set to "Remote access policy"
- Next by thread: Modifying Security Group memberships require reboot!
- Index(es):
Relevant Pages
|
Loading
