Re: FQDN cannot be managed because it is not running Windows NT
- From: JCCIT <JCCIT@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 18 Sep 2008 19:39:01 -0700
I was able to restart the machine, hit F8, and choose DSRM and logon using
the new password that I had it to. Then I changed the password again to
something new and rebooted the system ending up with the same error. I
again ran some other tests but not in this order;
netdom query fsmo
dcdiag
netdiag
repadmin /bind
repadmin /showreps jcdc02.jacksoncountywv.local
dcdiag /test:replications
dcdiag /test:connectivity
dcdiag /test:registerindns /dnsdomain
with the end result being no errors .
I did get some new event log entries after I rebooted the DCs;
Event Type: Warning
Event Source: Schannel
Event Category: None
Event ID: 36872
Date: 9/17/2008
Time: 5:03:37 PM
User: N/A
Computer: JCDC01
Description:
No suitable default server credential exists on this system.
This will prevent server applications that expect to make use of the system
default credentials from accepting SSL connections.
An example of such an application is the directory server.
Applications that manage their own credentials, such as the internet
information server, are not affected by this.
Event Type: Error
Event Source: dsrestor
Event Category: None
Event ID: 1005
Date: 9/18/2008
Time: 7:51:08 PM
User: N/A
Computer: JCDC02
Description:
The DSRestore Filter failed to connect to local SAM server. Error returned
is <id:997>.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 18.35.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 18.36.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 73.14.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 76.14.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 78.14.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone 90.14.10.in-addr.arpa in the Active
Directory. This DNS server is configured to obtain and use information from
the directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and reload the zone. The
event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 03 d6 11 00 .Ö..
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4007
Date: 9/18/2008
Time: 7:34:28 AM
User: N/A
Computer: JCDC02
Description:
The DNS server was unable to open zone jacksoncountywv.local in the Active
Directory from the application directory partition
ForestDnsZones.jacksoncountywv.local. This DNS server is configured to obtain
and use information from the directory for this zone and is unable to load
the zone without it. Check that the Active Directory is functioning properly
and reload the zone. The event data is the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 0d 00 00 00 ....
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4015
Date: 9/18/2008
Time: 7:49:09 PM
User: N/A
Computer: JCDC02
Description:
The DNS server has encountered a critical error from the Active Directory.
Check that the Active Directory is functioning properly. The extended error
debug information (which may be empty) is "". The event data contains the
error.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00 Q...
I had my first phone support in the morning and they told me that Site
configuration was fine since I had added the subnets to it. I placed a
second phone support call in the early afternoon after I noticed that
certificate services were not running. During this support call we
reinstalled IIS and Certificate services and created an Enterprise CA on
JCDC02. I tested one PC by browsing in IE to http://jcdc02/certsrv and
requesting and then installing a user certificate. I was able to reboot DC
JCDC01 and noticed that the 7022 event ID disappeared that had been
reoccurring for quite some time and I was told not to worry about it was
normal. I was getting excited thinking I had made great progress, but thin
this evening when most of the users were gone I rebooted the DC JCDC02 and
received the fallowing in the event logs;
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7022
Date: 9/18/2008
Time: 9:51:13 PM
User: N/A
Computer: JCDC01
Description:
The Kerberos Key Distribution Center service hung on starting.
For more information,
see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Date: 9/18/2008
Time: 8:12:50 PM
User: N/A
Computer: JCDC01
Description:
Automatic certificate enrollment for local system failed to enroll for one
Domain Controller certificate (0x80070005). Access is denied.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
I also tried to browse to the new CA from my DHCP server JCRAS01 and request
a certificate but every time I get a request for User ID and Password, and I
am using the same Domain Admin user account that I use on all the other
servers which did not request the credentials.
"Ace Fekay [MVP Direcrtory Services]" wrote:
.
"JCCIT" <JCCIT@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7242A56B-4337-4C01-9099-2C5DA15C9F9E@xxxxxxxxxxxxxxxx
Sorry it has taken me so long to respond this time but I think you are
correct when you said that it may be a Site issue. I don’t seem to be
making much headway in resolving issue because I am spending most of my
time
trying to keep users operational. The symptoms keep compounding every
day.
There is a partially configured Default-First-Site but most of the objects
have not been modified since they were created. I have placed a support
call request but it will be tomorrow before they can phone support. I am
still trying to find an article to help me troubleshoot the problem or
correct my mistakes more likely.
I was also wrong about repairing the DSRM password, when I fallow the KB
322672 instructions I receive a messaging saying the password has
successfully changed but when I restart the DC the 1005 dsrestor error
appears again.
If you have any suggestion I would greatly appreciate them.
I would try to simply restart the machine, hit F8, and choose DSRM and logon
with the password you changed it to. This is assuming the password you
changed it to will work. Then change it and reboot.
The Default-First-Site-Name contains all the default installations prior to
creating subnets and associating them to their respective site. You can keep
the Default and create specific ones for each location. Then create subnet
objects that are used at all locations. Then associate the subnet objects
with their respective sites. Then restart the netlogon service and DNS
should populate with the new Site information.
Let me know what PSS has to say. Maybe it's something simple I am not seeing
here.
Ace
- References:
- FQDN cannot be managed because it is not running Windows NT
- From: JCCIT
- Re: FQDN cannot be managed because it is not running Windows NT
- From: JCCIT
- Re: FQDN cannot be managed because it is not running Windows NT
- From: Ace Fekay [MVP Direcrtory Services]
- Re: FQDN cannot be managed because it is not running Windows NT
- From: JCCIT
- Re: FQDN cannot be managed because it is not running Windows NT
- From: Ace Fekay [MVP Direcrtory Services]
- Re: FQDN cannot be managed because it is not running Windows NT
- From: JCCIT
- Re: FQDN cannot be managed because it is not running Windows NT
- From: Ace Fekay [MVP Direcrtory Services]
- FQDN cannot be managed because it is not running Windows NT
- Prev by Date: Re: SPN problems?
- Next by Date: Re: Creating AD OU structure for GP deployment
- Previous by thread: Re: FQDN cannot be managed because it is not running Windows NT
- Next by thread: Who logged me in ?
- Index(es):
Relevant Pages
|
