Re: Sites and Services

DCDIAG:


Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine xmaid, is a DC.
* Connecting to directory service on server xmaid.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\XMAID
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... XMAID passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\XMAID
Starting test: Replications
* Replications Check
* Replication Latency Check
......................... XMAID passed test Replications
Starting test: Topology
* Configuration Topology Integrity Check
* Analyzing the connection topology for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for
CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the connection topology for DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... XMAID passed test Topology
Starting test: CutoffServers
* Configuration Topology Aliveness Check
* Analyzing the alive system replication topology for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
CN=Configuration,DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
* Analyzing the alive system replication topology for
DC=ei,DC=psu,DC=edu.
* Performing upstream (of target) analysis.
* Performing downstream (of target) analysis.
......................... XMAID passed test CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=ForestDnsZones,DC=ei,DC=psu,DC=edu
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=ei,DC=psu,DC=edu
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ei,DC=psu,DC=edu
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=ei,DC=psu,DC=edu
(Configuration,Version 2)
* Security Permissions Check for
DC=ei,DC=psu,DC=edu
(Domain,Version 2)
......................... XMAID passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... XMAID passed test NetLogons
Starting test: Advertising
The DC XMAID is advertising itself as a DC and having a DS.
The DC XMAID is advertising as an LDAP server
The DC XMAID is advertising as having a writeable directory
The DC XMAID is advertising as a Key Distribution Center
The DC XMAID is advertising as a time server
......................... XMAID passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Domain Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role PDC Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Rid Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
......................... XMAID passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 3103 to 1073741823
* xmaid.ei.psu.edu is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
* rIDPreviousAllocationPool is 1103 to 1602
* rIDNextRID: 1320
......................... XMAID passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/xmaid.ei.psu.edu/ei.psu.edu
* SPN found :LDAP/xmaid.ei.psu.edu
* SPN found :LDAP/XMAID
* SPN found :LDAP/xmaid.ei.psu.edu/EI
* SPN found
:LDAP/476d306a-1e80-45a7-bc02-ef111144cba0._msdcs.ei.psu.edu
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/476d306a-1e80-45a7-bc02-ef111144cba0/ei.psu.edu
* SPN found :HOST/xmaid.ei.psu.edu/ei.psu.edu
* SPN found :HOST/xmaid.ei.psu.edu
* SPN found :HOST/XMAID
* SPN found :HOST/xmaid.ei.psu.edu/EI
* SPN found :GC/xmaid.ei.psu.edu/ei.psu.edu
......................... XMAID passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... XMAID passed test Services
Starting test: OutboundSecureChannels
* The Outbound Secure Channels test
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... XMAID passed test OutboundSecureChannels
Starting test: ObjectsReplicated
XMAID is in domain DC=ei,DC=psu,DC=edu
Checking for CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu in
domain DC=ei,DC=psu,DC=edu on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu
in domain CN=Configuration,DC=ei,DC=psu,DC=edu on 1 servers
Object is up-to-date on all servers.
......................... XMAID passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... XMAID passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... XMAID passed test frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x80000677
Time Generated: 10/05/2006 09:18:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000466
Time Generated: 10/05/2006 09:18:00
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:17
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:20
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:18:23
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:21:37
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000583
Time Generated: 10/05/2006 09:21:40
(Event String could not be retrieved)
......................... XMAID failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... XMAID passed test systemlog
Starting test: VerifyReplicas
......................... XMAID passed test VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)

CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu and backlink on


CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu

are correct.
The system object reference (frsComputerReferenceBL)

CN=XMAID,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=ei,DC=psu,DC=edu

and backlink on CN=XMAID,OU=Domain Controllers,DC=ei,DC=psu,DC=edu
are

correct.
The system object reference (serverReferenceBL)

CN=XMAID,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=ei,DC=psu,DC=edu

and backlink on

CN=NTDS
Settings,CN=XMAID,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ei,DC=psu,DC=edu

are correct.
......................... XMAID passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
The following problems were found while verifying various important
DN

references. Note, that these problems can be reported because of

latency in replication. So follow up to resolve the following

problems, only if the same problem is reported on all DCs for a given

domain or if the problem persists after replication has had

reasonable time to replicate changes.
[1] Problem: Missing Expected Value

Base Object:

CN=TEXSERVER2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: serverReferenceBL

Value Object Description: "Server Object"

Recommended Action: Check if this server is deleted, and if so

clean up this DCs Account Object.


[2] Problem: Missing Expected Value

Base Object:

CN=TEXSERVER2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: frsComputerReferenceBL

Value Object Description: "SYSVOL FRS Member Object"

Recommended Action: See Knowledge Base Article: Q312862


[3] Problem: Missing Expected Value

Base Object: CN=XMAID2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: serverReferenceBL

Value Object Description: "Server Object"

Recommended Action: Check if this server is deleted, and if so

clean up this DCs Account Object.


[4] Problem: Missing Expected Value

Base Object: CN=XMAID2,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: frsComputerReferenceBL

Value Object Description: "SYSVOL FRS Member Object"

Recommended Action: See Knowledge Base Article: Q312862


[5] Problem: Missing Expected Value

Base Object: CN=XMAID3,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: serverReferenceBL

Value Object Description: "Server Object"

Recommended Action: Check if this server is deleted, and if so

clean up this DCs Account Object.


[6] Problem: Missing Expected Value

Base Object: CN=XMAID3,OU=Domain Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: frsComputerReferenceBL

Value Object Description: "SYSVOL FRS Member Object"

Recommended Action: See Knowledge Base Article: Q312862


[7] Problem: Missing Expected Value

Base Object: CN=TEKSHOP7,OU=Domain
Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: serverReferenceBL

Value Object Description: "Server Object"

Recommended Action: Check if this server is deleted, and if so

clean up this DCs Account Object.


[8] Problem: Missing Expected Value

Base Object: CN=TEKSHOP7,OU=Domain
Controllers,DC=ei,DC=psu,DC=edu

Base Object Description: "DC Account Object"

Value Object Attribute Name: frsComputerReferenceBL

Value Object Description: "SYSVOL FRS Member Object"

Recommended Action: See Knowledge Base Article: Q312862


......................... XMAID failed test
VerifyEnterpriseReferences

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : ei
Starting test: CrossRefValidation
......................... ei passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ei passed test CheckSDRefDom

Running enterprise tests on : ei.psu.edu
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope

provided by the command line arguments provided.
......................... ei.psu.edu passed test Intersite
Starting test: FsmoCheck
Warning: Couldn't verify this server as a GC in this servers AD.
GC Name: \\xmaid3.ei.psu.edu
Locator Flags: 0xe00001fc
PDC Name: \\xmaid.ei.psu.edu
Locator Flags: 0xe00001f9
Time Server Name: \\xmaid.ei.psu.edu
Locator Flags: 0xe00001f9
Preferred Time Server Name: \\xmaid.ei.psu.edu
Locator Flags: 0xe00001f9
KDC Name: \\xmaid.ei.psu.edu
Locator Flags: 0xe00001f9
......................... ei.psu.edu passed test FsmoCheck


--
Thanks,

Mark Steward
Information Systems
Energy Institute
Pennsylvania State University


"Paul Bergson" wrote:

What do the Event Logs state? Have you run repadmin?

Run diagnostics against your Active Directory domain.

If you don't have the tools installed, install them from your server install
disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> dcdiag /e /c /v /s:DC_Name /f:c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests
without having to learn all the switch options. The details will be output
in notepad text files that pop up automagically.

The script is located in the download section on my website at
http://www.pbbergs.com

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.


--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"PennStateAdmin" <markasteward@xxxxxxxxxxx> wrote in message
news:A5B28593-CD9E-4AA1-BEA9-07AA4E80D7AF@xxxxxxxxxxxxxxxx
I have a site with 5 DC's and 2 GC's. The GC's are on opposite sides of
the
router and both support WINS. Two weeks ago we had an environmental power
failure that depleted the APC batteries. This outage was on a Sunday
morning
and the APC software did not shut down the servers (as it was supposed
to).
After bringing the servers back online and running preliminary hardware
checks we found that the AD is corrupted. The PDC emulator is no longer
able
to see other servers for a "New Connection". Additionally, the problem
seems
to have snow-balled at this point. Initially we were seeing replication
links with the GUID next to the server name but it was still not
replicating
(Event ID 1030 & 1097). Now the servers are not replicating at all and I
can
no longer configure server links. The NETDIAG test on each machine shows
that there are no failures aside from the "Event Log" errors.

At this point I cannot get replication started or completed. I have tried
rebuilding the SYSVOL according to one of the MS KB articles. This has
not
worked either. So I am seeking advice as to the cause of these problems
and
possible solutions.

Thanks in advance.
--
Thanks,

Mark Steward
Information Systems
Energy Institute
Pennsylvania State University



.

Relevant Pages
Loading