Re: Add Windows 2003 server to Windows 2000 mixed mode server
- From: noob admin <noobadmin@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 11 Sep 2006 11:21:04 -0700
===============================================
Here is the Server2 output...(Part 1)
(many failures)
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine Server2, is a DC.
* Connecting to directory service on server Server2.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\Server2
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... Server2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\Server2
Starting test: Replications
* Replications Check
[Replications Check,Server2] A recent replication attempt failed:
From Server1 to Server2
Naming Context: CN=Schema,CN=Configuration,DC=my_domain,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2006-09-11 07:49:20.
The last success occurred at 2006-09-07 16:16:39.
92 failures have occurred since the last success.
[Replications Check,Server2] A recent replication attempt failed:
From Server1 to Server2
Naming Context: CN=Configuration,DC=my_domain,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2006-09-11 07:49:20.
The last success occurred at 2006-09-07 16:16:45.
92 failures have occurred since the last success.
[Replications Check,Server2] A recent replication attempt failed:
From Server1 to Server2
Naming Context: DC=my_domain,DC=local
The replication generated an error (5):
Access is denied.
The failure occurred at 2006-09-11 07:49:20.
The last success occurred at 2006-09-07 16:17:07.
116 failures have occurred since the last success.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
Server2: Current time is 2006-09-11 08:45:03.
CN=Schema,CN=Configuration,DC=my_domain,DC=local
Last replication recieved from Server1 at 2006-09-07
16:16:39.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=my_domain,DC=local
Last replication recieved from Server1 at 2006-09-07
16:16:45.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=my_domain,DC=local
Last replication recieved from Server1 at 2006-09-07
16:17:07.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... Server2 passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
Downstream topology is disconnected for
CN=Schema,CN=Configuration,DC=my_domain,DC=local.
These servers can't get changes from home server Server2:
Default-First-Site-Name/Server1
* Analyzing the connection topology for
CN=Configuration,DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
Downstream topology is disconnected for
CN=Configuration,DC=my_domain,DC=local.
These servers can't get changes from home server Server2:
Default-First-Site-Name/Server1
* Analyzing the connection topology for DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
Downstream topology is disconnected for DC=my_domain,DC=local.
These servers can't get changes from home server Server2:
Default-First-Site-Name/Server1
......................... Server2 failed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
* Analyzing the alive system replication topology for
CN=Configuration,DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
* Analyzing the alive system replication topology for
DC=my_domain,DC=local.
* Performing upstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
* Performing downstream (of target) analysis.
DsReplicaSyncAllW failed with error The naming context specified
for this replication operation is invalid..
......................... Server2 passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC Server2.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=my_domain,DC=local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=my_domain,DC=local
(Configuration,Version 2)
* Security Permissions Check for
DC=my_domain,DC=local
(Domain,Version 2)
......................... Server2 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Unable to connect to the NETLOGON share! (\\Server2\netlogon)
[Server2] An net use or LsaPolicy operation failed with error 1203,
No network provider accepted the given network path..
......................... Server2 failed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for
\\Server1.my_domain.local, when we were trying to reach Server2.
Server is not responding or is not considered suitable.
The DC Server2 is advertising itself as a DC and having a DS.
The DC Server2 is advertising as an LDAP server
The DC Server2 is advertising as having a writeable directory
The DC Server2 is advertising as a Key Distribution Center
The DC Server2 is advertising as a time server
......................... Server2 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
Role Domain Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
Role PDC Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
Role Rid Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
......................... Server2 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2338 to 1073741823
* Server1.my_domain.local is the RID Master
* DsBind with RID Master was successful
Warning: attribute rIdSetReferences missing from
CN=Server2,OU=Domain Controllers,DC=my_domain,DC=local
Could not get Rid set Reference :failed with 8481: The search
failed to retrieve attributes from the database.
......................... Server2 failed test RidManager
Starting test: MachineAccount
Checking machine account for DC Server2 on DC Server2.
Warning: Attribute userAccountControl of Server2 is: 0x82020 = (
UF_PASSWD_NOTREQD | UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
Typical setting for a DC is 0x82000 = ( UF_SERVER_TRUST_ACCOUNT |
UF_TRUSTED_FOR_DELEGATION )
This may be affecting replication?
* SPN found :LDAP/Server2.my_domain.local/my_domain.local
* SPN found :LDAP/Server2.my_domain.local
* SPN found :LDAP/Server2
* SPN found :LDAP/Server2.my_domain.local/my_domain
* SPN found
:LDAP/48fa3212-a8b8-4180-b29d-8aa18d7ae26a._msdcs.my_domain.local
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/48fa3212-a8b8-4180-b29d-8aa18d7ae26a/my_domain.local
* SPN found :HOST/Server2.my_domain.local/my_domain.local
* SPN found :HOST/Server2.my_domain.local
* SPN found :HOST/Server2
* SPN found :HOST/Server2.my_domain.local/my_domain
* SPN found :GC/Server2.my_domain.local/my_domain.local
......................... Server2 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... Server2 passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... Server2 passed test
OutboundSecureChannels
Starting test: ObjectsReplicated
Server2 is in domain DC=my_domain,DC=local
Checking for CN=Server2,OU=Domain Controllers,DC=my_domain,DC=local
in domain DC=my_domain,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=Server2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=my_domain,DC=
local
in domain CN=Configuration,DC=my_domain,DC=local on 1 servers
Object is up-to-date on all servers.
......................... Server2 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
The registry lookup failed to determine the state of the SYSVOL.
The
error returned was 0 (The operation completed successfully.).
Check
the FRS event log to see if the SYSVOL has successfully been
shared.
......................... Server2 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... Server2 passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x80250828
Time Generated: 09/11/2006 08:35:51
(Event String could not be retrieved)
......................... Server2 failed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000423
Time Generated: 09/11/2006 08:04:41
Event String: The DHCP service failed to see a directory server
for authorization.
****************** about 30 repeated 0x0000168E errors deleted to allow port
An Error Event occured. EventID: 0x0000168E
Time Generated: 09/11/2006 08:39:44
Event String: The dynamic registration of the DNS record
'_kpasswd._udp.my_domain.local. 600 IN SRV 0 100 464
Server2.my_domain.local.'
failed on the following DNS server:
DNS server IP address: 192.168.1.10
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain
controller, this record must be registered in
DNS.
USER ACTION
Determine what might have caused this failure,
resolve the problem, and initiate registration of
the DNS records by the domain controller. To
determine what might have caused this failure,
run DCDiag.exe. You can find this program on the
Windows Server 2003 installation CD in
Support\Tools\support.cab. To learn more about
DCDiag.exe, see Help and Support Center. To
initiate registration of the DNS records by this
domain controller, run 'nltest.exe /dsregdns'
from the command prompt on the domain controller
or restart Net Logon service. Nltest.exe is
available in the Microsoft Windows Server
Resource Kit CD.
Or, you can manually add this record to DNS,
but it is not recommended.
ELETEDITIONAL DATA
Error Value: %%9017
******************* End Deleted Group
.
- Follow-Ups:
- Re: Add Windows 2003 server to Windows 2000 mixed mode server
- From: Jorge Silva
- Re: Add Windows 2003 server to Windows 2000 mixed mode server
- References:
- Re: Add Windows 2003 server to Windows 2000 mixed mode server
- From: Jorge Silva
- Re: Add Windows 2003 server to Windows 2000 mixed mode server
- Prev by Date: Re: RDN of domain name must be of type domain component??!!
- Next by Date: Re: Add Windows 2003 server to Windows 2000 mixed mode server
- Previous by thread: Re: Add Windows 2003 server to Windows 2000 mixed mode server
- Next by thread: Re: Add Windows 2003 server to Windows 2000 mixed mode server
- Index(es):
Relevant Pages
|
