Re: test domain completely offline.. help
- From: Meinolf Weber
- Date: Sat, 3 May 2008 18:12:31 +0000 (UTC)
Hello infinitiguy,
For checking your domain you can run on all DC's to check for errors:
From another posting.
If you don't have the support tools installed, install them from your server install disk.
d:\support\tools\setup.exe
Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> dnslint /ad /s "ip address of your dc"
**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's in the forest. If you have significant numbers of DC's this test could generate significant detail and take a long time. You also want to take into account slow links to dc's will also add to the testing time.
If you download a gui script I wrote it should be simple to set and run (DCDiag and NetDiag). It also has the option to run individual tests without having to learn all the switch options. The details will be output in notepad text files that pop up automagically.
The script is located on my website at http://www.pbbergs.com/windows/downloads.htm
Just select both dcdiag and netdiag make sure verbose is set. (Leave the default settings for dcdiag as set when selected)
When complete search for fail, error and warning messages.
Description and download for dnslint
http://support.microsoft.com/kb/321045
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I was a bit general because I wasn't sure exactly what was going on.
As far as AD went, it was complaining about SPN records not being
registered etc(which I assume was a symptom of DNS being offline).
During the post I was watching the environment and I think all I
needed was to give it time.. eventaully I could RDC and mount the
domain on all DCs.. a few minutes later DNS came back online and all
DC's reflected native(as opposed to before where two of the DC's
didn't even have modes...).
I'm going to let things sit for a few hours so I can get a few entries
of good behaviour, but I did see in the event log now that "the
previous problems preventing active directory replication has been
fixed, and now replication will occur(or something along those
lines)". So I think for now I'm good.
Stay tuned.
"Meinolf Weber" wrote:
Hello infinitiguy,
Please be more detailed with the problems error messages etc. You
talk about NO-RDC, then yes, so what now? Also you talk about DNS
problem, how are the symptoms? Try to bring your problems underlined
with errors from event viewer, dcdiag, netdiag or replmon or just a
good description what is not working as expected.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I just made the biggest mistake ever...
here's the situation. I have a test domain(4 DC's across two
sites..) I had everything working properly(replication and whatnot)
and the vmware esx server that hosted the DC's in my boston site
crashed. I had to rebuild and the time ended up being off... I
didn't notice this, or notice the replication errors... until after
I raised the functional level last night from mixed 2000 to native
2000.. I figured maybe it was something else and let the dc's run
overnight.. nothing changed. I just realized that it was a time
issue so I fixed the time on the DC's in boston(the dublin DC's were
perfectly fine in terms of time..) My dc's from boston jumped from
11/17/2007 to todays date and time(EDT..).. the stupid thing that
I did was rebooted all 4 DC's...
Now I'm screwed.. I can't RDC into any of them.. and on a console I
can log in but I can't do anything AD related. If I open ADI.msc I
was getting "the specified domain does not exist or could not be
found" and I couldn't manage the domain. DNS was also offline(adi
integrated..) I just checked again on the DC that holds the FSMO
roles and I can see the domain from the snapin.. as well as the
other dc's.. but DNS is still offline.
My guess is that the time jump royally screwed everything up. I can
RDC into my remote DC's now so that's a better sign.. I just have
to figure out why DNS isn't working.
I suppose this more turned into a cry/rant than a question, but if
anyone has ever experienced similar.. and would like to share.. by
all means..
.
- References:
- Re: test domain completely offline.. help
- From: infinitiguy
- Re: test domain completely offline.. help
- Prev by Date: Re: test domain completely offline.. help
- Next by Date: Re: 2k DC tombstoned
- Previous by thread: Re: test domain completely offline.. help
- Index(es):
Relevant Pages
|
