Re: No DC shown in NTDSUTIL.exe in Single DC network
- From: Nick Moore <NickMoore@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 1 Oct 2006 06:59:02 -0700
Yes, DNS is functioning properly and the DC points to inself as the only DNS
server, then forwarders handle internet requests. All addional DC DNS
records are there.
Here was the feedback I got from DCDIAG /v. I've never used this tool
before so I'm not sure what it means, any insight?
C:\Documents and Settings\Administrator>dcdiag /v
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine 2003server, is a DC.
* Connecting to directory service on server 2003server.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\2003SERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... 2003SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\2003SERVER
Starting test: Replications
* Replications Check
* Replication Latency Check
CN=Schema,CN=Configuration,DC=nicka,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0
had no
latency information (Win2K DC).
CN=Configuration,DC=nicka,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0
had no
latency information (Win2K DC).
DC=nicka,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0
had no
latency information (Win2K DC).
* Replication Site Latency Check
......................... 2003SERVER passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC 2003SERVER.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=nicka,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=nicka,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=nicka,DC=com
(Domain,Version 2)
......................... 2003SERVER passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\2003SERVER\netlogon
Verified share \\2003SERVER\sysvol
......................... 2003SERVER passed test NetLogons
Starting test: Advertising
The DC 2003SERVER is advertising itself as a DC and having a DS.
The DC 2003SERVER is advertising as an LDAP server
The DC 2003SERVER is advertising as having a writeable directory
The DC 2003SERVER is advertising as a Key Distribution Center
The DC 2003SERVER is advertising as a time server
The DS 2003SERVER is advertising as a GC.
......................... 2003SERVER passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=2003SERVER,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com
Role Domain Owner = CN=NTDS
Settings\0ADEL:26473274-cc29-45d4-81f0-58d3
cc39c8cf,CN=2000SERVER\0ADEL:4b9f38e5-dd43-4fe8-af03-051b99cfef11,CN=Servers,CN=
Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com
Warning: CN=NTDS
Settings\0ADEL:26473274-cc29-45d4-81f0-58d3cc39c8cf,CN
=2000SERVER\0ADEL:4b9f38e5-dd43-4fe8-af03-051b99cfef11,CN=Servers,CN=Default-Fir
st-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com is the Domain Owner,
but
is deleted.
Role PDC Owner = CN=NTDS
Settings,CN=2003SERVER,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com
Role Rid Owner = CN=NTDS
Settings,CN=2003SERVER,CN=Servers,CN=Default-F
irst-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=2003SERVER,CN=Se
rvers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com
......................... 2003SERVER failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 3634 to 1073741823
* 2003server.nicka.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3134 to 3633
* rIDPreviousAllocationPool is 3134 to 3633
* rIDNextRID: 3183
......................... 2003SERVER passed test RidManager
Starting test: MachineAccount
Checking machine account for DC 2003SERVER on DC 2003SERVER.
* SPN found :LDAP/2003server.nicka.com/nicka.com
* SPN found :LDAP/2003server.nicka.com
* SPN found :LDAP/2003SERVER
* SPN found :LDAP/2003server.nicka.com/NICKA
* SPN found
:LDAP/4cf69ad2-e55b-43fb-81f0-335bbc0b41e5._msdcs.nicka.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/4cf69ad2-e55b-43fb-81
f0-335bbc0b41e5/nicka.com
* SPN found :HOST/2003server.nicka.com/nicka.com
* SPN found :HOST/2003server.nicka.com
* SPN found :HOST/2003SERVER
* SPN found :HOST/2003server.nicka.com/NICKA
* SPN found :GC/2003server.nicka.com/nicka.com
......................... 2003SERVER passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... 2003SERVER passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
2003SERVER is in domain DC=nicka,DC=com
Checking for CN=2003SERVER,OU=Domain Controllers,DC=nicka,DC=com in
dom
ain DC=nicka,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=2003SERVER,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=nicka,DC=com in domain
CN=Configuration,
DC=nicka,DC=com on 1 servers
Object is up-to-date on all servers.
......................... 2003SERVER passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... 2003SERVER passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... 2003SERVER passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minut
es.
......................... 2003SERVER passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x00000457
Time Generated: 10/01/2006 08:47:08
(Event String could not be retrieved)
......................... 2003SERVER failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=2003SERVER,OU=Domain Controllers,DC=nicka,DC=com and backlink on
CN=2003SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configu
ration,DC=nicka,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=2003SERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replicatio
n Service,CN=System,DC=nicka,DC=com
and backlink on CN=2003SERVER,OU=Domain Controllers,DC=nicka,DC=com
are correct.
The system object reference (serverReferenceBL)
CN=2003SERVER,CN=Domain System Volume (SYSVOL share),CN=File
Replicatio
n Service,CN=System,DC=nicka,DC=com
and backlink on
CN=NTDS
Settings,CN=2003SERVER,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=nicka,DC=com
are correct.
......................... 2003SERVER passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : nicka
Starting test: CrossRefValidation
......................... nicka passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... nicka passed test CheckSDRefDom
Running enterprise tests on : nicka.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... nicka.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\2003server.nicka.com
Locator Flags: 0xe00003fd
PDC Name: \\2003server.nicka.com
Locator Flags: 0xe00003fd
Time Server Name: \\2003server.nicka.com
Locator Flags: 0xe00003fd
Preferred Time Server Name: \\2003server.nicka.com
Locator Flags: 0xe00003fd
KDC Name: \\2003server.nicka.com
Locator Flags: 0xe00003fd
......................... nicka.com passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
Thanks.
Nick
"Ulf B. Simon-Weidner [MVP]" wrote:
"Nick Moore" <NickMoore@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message.
news:B67E31D6-595E-4FBD-A9E3-A138D4A6CA19@xxxxxxxxxxxxxxxx
I have a 2003 Server w/SP1 that runs on my domain, it is the global catalogHello Nick,
server and Operations masters for everything. It is the only domain
controller on my network. Active directory seemingly works just fine
except
I get constant errors in the event log that say:
Active Directory was unable to establish a connection with the global
catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200cd1
User Action:
Make sure a global catalog is available in the forest, and is reachable
from
this domain controller. You may use the nltest utility to diagnose this
problem.
I used NTDSUTIL to check AD and when I try to get a server list it says no
servers found in my domain. I'm also getting tons of DNS errors about AD
not
being available. Any ideas on whats going on??? Thanks.
Is the server setup to use himself as DNS-Server? Are the records in there
correct? What errors do you get running dcdiag /v?
Always first check DNS, most errors are in there.
--
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
- Follow-Ups:
- Re: No DC shown in NTDSUTIL.exe in Single DC network
- From: Ulf B. Simon-Weidner [MVP]
- Re: No DC shown in NTDSUTIL.exe in Single DC network
- References:
- Re: No DC shown in NTDSUTIL.exe in Single DC network
- From: Ulf B. Simon-Weidner [MVP]
- Re: No DC shown in NTDSUTIL.exe in Single DC network
- Prev by Date: Re: RE:SETUP 2003 and exchange 2003 DC
- Next by Date: Re: RE:SETUP 2003 and exchange 2003 DC
- Previous by thread: Re: No DC shown in NTDSUTIL.exe in Single DC network
- Next by thread: Re: No DC shown in NTDSUTIL.exe in Single DC network
- Index(es):
Relevant Pages
|
