Re: Can't login to new DC
- From: DD <DD@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 19 Jan 2009 23:36:01 -0800
dcdiag win2k result
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine sg0001, is a DC.
* Connecting to directory service on server sg0001.
* Collecting site info.
* Identifying all servers.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\sg0001
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... sg0001 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\sg0001
Starting test: Replications
* Replications Check
......................... sg0001 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=ocb,DC=com,DC=sg
* Security Permissions Check for
CN=Configuration,DC=ocb,DC=com,DC=sg
* Security Permissions Check for
DC=ocb,DC=com,DC=sg
......................... sg0001 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... sg0001 passed test NetLogons
Starting test: Advertising
The DC sg0001 is advertising itself as a DC and having a DS.
The DC sg0001 is advertising as an LDAP server
The DC sg0001 is advertising as having a writeable directory
The DC sg0001 is advertising as a Key Distribution Center
Warning: sg0001 is not advertising as a time server.
......................... sg0001 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=sg0002,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
Role Domain Owner = CN=NTDS
Settings,CN=sg0001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
Role PDC Owner = CN=NTDS
Settings,CN=sg0001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
Role Rid Owner = CN=NTDS
Settings,CN=sg0001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=sg0002,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
......................... sg0001 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 5115 to 1073741823
* sg0001.ocb.co.id is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 3115 to 3614
* rIDNextRID: 2960
* rIDPreviousAllocationPool is 2615 to 3114
......................... sg0001 passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/sg0001.ocb.co.id/ocb.co.id
* SPN found :LDAP/sg0001.ocb.co.id
* SPN found :LDAP/sg0001
* SPN found :LDAP/sg0001.ocb.co.id/UOBKHID
* SPN found
:LDAP/96677f00-40fa-41c1-8bb1-c11a92606a04._msdcs.ocb.co.id
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/96677f00-40fa-41c1-8bb1-c11a92606a04/ocb.co.id
* SPN found :HOST/sg0001.ocb.co.id/ocb.co.id
* SPN found :HOST/sg0001.ocb.co.id
* SPN found :HOST/sg0001
* SPN found :HOST/sg0001.ocb.co.id/UOBKHID
* SPN found :GC/sg0001.ocb.co.id/ocb.co.id
......................... sg0001 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
w32time Service is stopped on [sg0001]
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [sg0001]
......................... sg0001 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
sg0001 is in domain DC=ocb,DC=com,DC=sg
Checking for CN=sg0001,OU=Domain Controllers,DC=ocb,DC=com,DC=sg in
domain DC=ocb,DC=com,DC=sg on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=sg0001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=ocb,DC=com,DC=sg
in domain CN=Configuration,DC=ocb,DC=com,DC=sg on 1 servers
Object is up-to-date on all servers.
......................... sg0001 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... sg0001 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
An Error Event occured. EventID: 0xC0000466
Time Generated: 01/20/2009 13:39:39
(Event String could not be retrieved)
......................... sg0001 failed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... sg0001 passed test systemlog
Running enterprise tests on : ocb.co.id
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... ocb.co.id passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\sg0001.ocb.co.id
Locator Flags: 0xe00001b9
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
KDC Name: \\sg0001.ocb.co.id
Locator Flags: 0xe00001b9
......................... ocb.co.id failed test FsmoCheck
"Meinolf Weber [MVP-DS]" wrote:
Hello DD,.
Please post a complete output from dcdiag /v, netdiag /v and repadmin /showrepl
from both DC's.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
The dcdiag and netdisg result, This machine is not working properly as
a DC. one mote problem , the netlogon script not working for the new
2003 DC Please help
DCDIAG RESULT
Doing primary tests
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\sg0002\netlogon)
[sg0002] An net use or LsaPolicy operation failed with error
1203,
No network provider accepted the given network path..
......................... sg0002 failed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for
\\sg0002.oc.com.sg
id, when we were trying to reach sg0002.
Server is not responding or is not considered suitable.
Warning: sg0002 is not advertising as a time server.
......................... sg0002 failed test Advertising
Starting test: frsevent
There are warning or error events within the last 24 hours
after the
SYSVOL has been shared. Failing SYSVOL replication problems
may
cause
Group Policy problems.
......................... sg0002 failed test frsevent
Starting test: kccevent
NETDIAG RESULT
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the
local machine. This machine is not working properly as a DC.
"Jorge Silva" wrote:
Hi
-Assuming that the users are in a different subnet do you have any
firewall
between them?
-Also run dcdiag and netdiag on the DC, additionally check for event
errors
under eventviewer.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"DD" <DD@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:95512B58-8C92-4C79-AF8A-052AA02738DD@xxxxxxxxxxxxxxxx
Hi,
We have one windows 2K dc and one windows 2003 currently running in
the network. The windows 2003 DC is new .
I have trenasferred all the 5 FSMO role to the new 2003 dc, when i
disconnect the win 2k DC from the network, users are no able to
login to Domain, error domain xxx id not available.
User pc dns is pointing to the new windows 2003 DC.
- Follow-Ups:
- Re: Can't login to new DC
- From: Meinolf Weber [MVP-DS]
- Re: Can't login to new DC
- References:
- Can't login to new DC
- From: DD
- Re: Can't login to new DC
- From: Jorge Silva
- Re: Can't login to new DC
- From: DD
- Re: Can't login to new DC
- From: Meinolf Weber [MVP-DS]
- Can't login to new DC
- Prev by Date: Re: Can't login to new DC
- Next by Date: Re: Domain group policy & Screensaver.
- Previous by thread: Re: Can't login to new DC
- Next by thread: Re: Can't login to new DC
- Index(es):
Relevant Pages
|
