Re: Sites and Services
- From: PennStateAdmin <markasteward@xxxxxxxxxxx>
- Date: Thu, 5 Oct 2006 10:49:02 -0700
Hi Paul,
No. There has been a DC added to try to facilitate the cleanup of the PDC
emulator since the GUID would be "clean" on all the DC's. This has sorta
worked but not as intended.
I have tried to do a dcpromo and demote any one of the servers but it fails
due to replication problems. I cannot transfer the FSMO roles either even
though I can connect to a different DC successfully.
The plan was to add a new (temporary) DC that all the other DC's would
recognize because of what seems to be a GUID corruption. Then transfer the
FSMO roles to the new server and remove the old servers simultaneously. The
old servers would then be rebuilt to erradicate the problems that cannot seem
to be solved reasonably. Next we would perform all the meta-data cleanup in
the AD, defrag the AD volume and re-join the newly rebuilt servers one at a
time to ensure replication and error free communication. The cleaned AD
would then replicate to each server and thus eliminating the problem.
Thoughts and suggestions please.
--
Thanks,
Mark Steward
Information Systems
Energy Institute
Pennsylvania State University
"Paul Bergson [MVP-DS]" wrote:
Have you lost a dc and rebuilt it without properly cleaning up your AD's.
metadata?
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"PennStateAdmin" <markasteward@xxxxxxxxxxx> wrote in message
news:6E31785C-B211-44B8-9F39-69CEFFEF22C1@xxxxxxxxxxxxxxxx
DCDIAG:
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine xmaid, is a DC.
* Connecting to directory service on server xmaid.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\XMAID
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... XMAID passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\XMAID
Starting test: Replications
* Replications Check
* Replication Latency Check
......................... XMAID passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... XMAID passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... XMAID passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=ei,DC=psu,DC=edu
(Configuration,Version 2)
* Security Permissions Check for
DC=ei,DC=psu,DC=edu
(Domain,Version 2)
......................... XMAID passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... XMAID passed test NetLogons
Starting test: Advertising
The DC XMAID is advertising itself as a DC and having a DS.
The DC XMAID is advertising as an LDAP server
The DC XMAID is advertising as having a writeable directory
The DC XMAID is advertising as a Key Distribution Center
The DC XMAID is advertising as a time server
......................... XMAID passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Domain Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role PDC Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Rid Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
......................... XMAID passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 3103 to 1073741823
* xmaid.ei.psu.edu is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
* rIDPreviousAllocationPool is 1103 to 1602
* rIDNextRID: 1320
......................... XMAID passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/xmaid.ei.psu.edu/ei.psu.edu
* SPN found :LDAP/xmaid.ei.psu.edu
* SPN found :LDAP/XMAID
* SPN found :LDAP/xmaid.ei.psu.edu/EI
* SPN found
:LDAP/476d306a-1e80-45a7-bc02-ef111144cba0._msdcs.ei.psu.edu
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/476d306a-1e80-45a7-bc02-ef111144cba0/ei.psu.edu
* SPN found :HOST/xmaid.ei.psu.edu/ei.psu.edu
* SPN found :HOST/xmaid.ei.psu.edu
* SPN found :HOST/XMAID
* SPN found :HOST/xmaid.ei.psu.edu/EI
* SPN found :GC/xmaid.ei.psu.edu/ei.psu.edu
......................... XMAID passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... XMAID passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... XMAID passed test OutboundSecureChannels
Starting test: ObjectsReplicated
XMAID is in domain DC=ei,DC=psu,DC=edu
Checking for CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu in
domain DC=ei,DC=psu,DC=edu on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
in domain CN=Configuration,DC=ei,DC=psu,DC=edu on 1 servers
Object is up-to-date on all servers.
......................... XMAID passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... XMAID passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... XMAID passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x80000677
Time Generated: 10/05/2006 09:18:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000466
Time Generated: 10/05/2006 09:18:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:17
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:20
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:23
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:21:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:21:40
(Event String could not be retrieved)
......................... XMAID failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... XMAID passed test systemlog
Starting test: VerifyReplicas
......................... XMAID passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu and backlink on
CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
are correct.
The system object reference (frsComputerReferenceBL)
CN=XMAID,CN=Domain System Volume (SYSVOL share),CN=File
Replication
Service,CN=System,DC=ei,DC=psu,DC=edu
and backlink on CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu
are
correct.
The system object reference (serverReferenceBL)
CN=XMAID,CN=Domain System Volume (SYSVOL share),CN=File
Replication
Service,CN=System,DC=ei,DC=psu,DC=edu
and backlink on
CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
are correct.
......................... XMAID passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various
important
DN
references. Note, that these problems can be reported because of
latency in replication. So follow up to resolve the following
problems, only if the same problem is reported on all DCs for a
given
domain or if the problem persists after replication has had
reasonable time to replicate changes.
[1] Problem: Missing Expected Value
Base Object:
CN=TEXSERVER2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu
Base Object Description: "DC Account Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "Server Object"
Recommended Action: Check if this server is deleted, and if so
clean up this DCs Account Object.
[2] Problem: Missing Expected Value
Base Object:
CN=TEXSERVER2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[3] Problem: Missing Expected Value
Base Object: CN=XMAID2,OU=Domain
Controllers,DC=ei,DC=psu,DC=edu
- Follow-Ups:
- Re: Sites and Services
- From: Paul Bergson [MVP-DS]
- Re: Sites and Services
- References:
- Re: Sites and Services
- From: Paul Bergson
- Re: Sites and Services
- From: PennStateAdmin
- Re: Sites and Services
- From: Paul Bergson [MVP-DS]
- Re: Sites and Services
- Prev by Date: Re: Using Group Policy Manager to apply policy to default Computer OU
- Next by Date: Re: After NT 4.0 to 2003 Upgrade clients are not receiving Primary DNS suffix
- Previous by thread: Re: Sites and Services
- Next by thread: Re: Sites and Services
- Index(es):
Relevant Pages
|
Loading
