Re: Thoroughly confused SBS 2003 Server
- From: "Al Christoph" <ac2@xxxxxxx>
- Date: Sun, 22 Jan 2006 15:49:41 -0500
Les thanks for the very thoughtful response. If I remember correclty you
long since have established your sainthood with me. Now for another go. If
you are really interested in my dirty laundry the network is available
through dynamic dns and if it would be in your interest to do so I can give
you the magic words to let you in. (Opening it up slightly was one of the
things I did recently but I don't know if that correlates with my problems
or not.)
The history of all this is very cloudy. I make a living (sort of) as a
desktop programmer and haven't been in the network/server support situation
for some years now except for this home office system. And the servers here
are toys in the sense that they don't do much of anything useful for me on a
day to day basis except provide a local domain and some IIS support when I'm
playing web developer. The install was a learning experience. In point of
fact I first had SBS running on the box that now has the Server Enterprise
edition running and swapped things around well over a year ago. I use auto
update on the SBS box. The Enterprise box was way out of date because it's
been turned off.
I'm also in a program with MS that gets me lots of stuff dirt cheap for
learning and playing around so ...
A year ago or moe I put up the second server and made it a domain controller
of some type or another (apparently BDC - see output below). And at some
point I tried to remove it but did a very bad job of it. (Saw no need to pay
for the electricity to keep it running:-) No consequences up till now
except 3 can't replicate messages in the log per day. Then the other day I
removed it as a server from the SBS list of computers. (Stupid me:-)
In terms of the immediate problem - the need to add a computer (VPC) to the
network, I try doing that on the SBS server as the master administrator with
all the rights and privileges that implies. I'm using the server manager
console with the wizard.
Here is the result of the IPCONFIG /all you requested with some comments.
Windows IP Configuration
Host Name . . . . . . . . . . . . : ac2m6
Primary Dns Suffix . . . . . . . : 3BEARS.LOCAL
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : 3BEARS.LOCAL
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VIA Rhine II Compatible Fast Ethernet
Adapter
Physical Address. . . . . . . . . : 00-11-09-3D-37-9B
DHCP Enabled. . . . . . . . . . . : No <<<<<< I fix its
address
IP Address. . . . . . . . . . . . : 192.168.0.133 <<<<< various internal
web sites
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.132
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.131
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.130
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.129
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.128
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.127
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 192.168.0.2 <<<<< this is the
box of concern
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2 <<<<< this is the
box of concern
192.168.0.1 <<<<< this
is the router on the network and interface to the rest of the world
206.141.193.55 <<<<< this
is someone else's DNS server that allows me to talk to the rest of the word
Primary WINS Server . . . . . . . : 192.168.0.2
Here are pieces of a dcdiag run on this box which tell story perhaps even
better than the error messages do:
The first piece undoubtedly reflects my stupidity in configuring / shutting
down the second server:
[Replications Check,AC2M6] A recent replication attempt failed:
From AC2M2 to AC2M6
Naming Context: CN=Schema,CN=Configuration,DC=3BEARS,DC=LOCAL
The replication generated an error (8614):
The Active Directory cannot replicate with this server because the time
since the last replication with this
has exceeded the tombstone lifetime.
The failure occurred at 2006-01-22 13:51:49.
The last success occurred at 2005-03-05 09:53:36.
7734 failures have occurred since the last success.
[Replications Check,AC2M6] A recent replication attempt failed:
From AC2M2 to AC2M6
Naming Context: CN=Configuration,DC=3BEARS,DC=LOCAL
The replication generated an error (8614):
The Active Directory cannot replicate with this server because the time
since the last replication with this
has exceeded the tombstone lifetime.
The failure occurred at 2006-01-22 14:23:26.
The last success occurred at 2005-03-05 09:53:36.
7774 failures have occurred since the last success.
[Replications Check,AC2M6] A recent replication attempt failed:
From AC2M2 to AC2M6
Naming Context: DC=3BEARS,DC=LOCAL
The replication generated an error (8614):
The Active Directory cannot replicate with this server because the time
since the last replication with this
has exceeded the tombstone lifetime.
The failure occurred at 2006-01-22 14:05:10.
The last success occurred at 2005-03-05 09:53:36.
7739 failures have occurred since the last success.
REPLICATION LATENCY WARNING
ERROR: Expected notification link is missing.
Source AC2M2
Replication of new changes along this path will be delayed.
This problem should self-correct on the next periodic sync.
REPLICATION-RECEIVED LATENCY WARNING
AC2M6: Current time is 2006-01-22 14:34:39.
CN=Schema,CN=Configuration,DC=3BEARS,DC=LOCAL
Last replication recieved from AC2M2 at 2005-03-05 09:53:36.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
CN=Configuration,DC=3BEARS,DC=LOCAL
Last replication recieved from AC2M2 at 2005-03-05 09:53:36.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
DC=3BEARS,DC=LOCAL
Last replication recieved from AC2M2 at 2005-03-05 09:53:36.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
----------------
Starting test: Advertising
Fatal Error:DsGetDcName (AC2M6) call failed, error 1355
The Locator could not find the server.
------------------------------
Starting test: kccevent
An Error Event occured. EventID: 0xC00007FA
Time Generated: 01/22/2006 14:51:48
Event String: It has been too long since this machine last
An Error Event occured. EventID: 0xC00007FA
Time Generated: 01/22/2006 14:51:48
Event String: It has been too long since this machine last
An Error Event occured. EventID: 0xC00007FA
Time Generated: 01/22/2006 14:51:49
Event String: It has been too long since this machine last
-------------------------
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... 3BEARS.LOCAL failed test FsmoCheck
==========================================================
A little more systematically - in the event viewer:
File Replication Service - At every boot since last october:
The File Replication Service has detected that the replica set "DOMAIN
SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
Replica set name is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Replica root path is : "c:\windows\sysvol\domain"
Replica root volume is : "\\.\C:"
Nothing surprising there.
------------------------------------
DNS Log - nothing of interest
-----------------------
Directory Services Log:
>From last october or earlier until Jan 18
This is the replication status for the following directory partition on the
local domain controller.
Directory partition:
CN=Schema,CN=Configuration,DC=3BEARS,DC=LOCAL
The local domain controller has not recently received replication
information from a number of domain controllers. The count of domain
controllers is shown, divided into the following intervals.
....
This is the replication status for the following directory partition on the
local domain controller.
Directory partition:
CN=Configuration,DC=3BEARS,DC=LOCAL
The local domain controller has not recently received replication
information from a number of domain controllers. The count of domain
controllers is shown, divided into the following intervals.
....
More than 24 hours:
1
More than a week:
1
More than one month:
1
More than two months:
1
More than a tombstone lifetime:
1
Tombstone lifetime (days):
60
....
Then on Jan 18 I got this:
Active Directory was unable to establish a connection with the global
catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200caf
AND THIS:
It has been too long since this machine last replicated with the named
source machine. The time between replications with this source has exceeded
the tombstone lifetime. Replication has been stopped with this source.
This last has repeated every 20 minutes since.
------------------------
System:
SAM -
The request for a new account-identifier pool failed. The operation will be
retried until the request succeeds. The error is
" The requested FSMO operation failed. The current FSMO holder could not be
contacted.
AND ALSO
The maximum account identifier allocated to this domain controller has been
assigned. The domain controller has failed to obtain a new identifier pool.
A possible reason for this is that the domain controller has been unable to
contact the master domain controller. Account creation on this controller
will fail until a new pool has been allocated. There may be network or
connectivity problems in the domain, or the master domain controller may be
offline or missing from the domain. Verify that the master domain controller
is running and connected to the domain.
This correlates with my attempts to add a computer (and is not surprising
given the DCDIAG output above.)
Remote Access:
Unable to add the interface {AF18664A-E65E-4D0B-A920-C0282CC0EE7B} with the
Router Manager for the IP protocol. The following error occurred: Cannot
complete this function.
WMIxWMD
Machine Check Event reported is a fatal error.
I'm not sure whether to worry about this one or not. BTW The box is home
brew 64BIT chip and not particularly server configured. (No RAID etc.)
SBCORE
The previous notices from MS telling me where to get off because I was
violating the EULA. (Still not at all clear how!!!!)
Security log:
Nothing interesting Though I sure do want to turn of Success auditing one of
these days.
Application Log:
UserEnv
Windows cannot obtain the domain controller name for your computer network.
(The specified domain either does not exist or could not be contacted. ).
Group Policy processing aborted.
AND THIS
POP3
The message <id:{F3A23263-5351-4C1E-96CC-5AE28A3F0B63}> cannot be delivered
due to a problem in the initialization of its deliverer.
I've had problems with Exchange Server for some time. Not important because
it does POP3 on my oldest email address and only that. Many a spam rejector
these days.
Here is at least one happy piece of news:
C:\Documents and Settings\Administrator>nltest /DCLIST:3BEARS
Domain '3BEARS' is pre Windows 2000 domain. (Using NetServerEnum).
List of DCs in Domain 3BEARS
\\AC2M6 (PDC)
\\AC2M2
The command completed successfully
At least the box I'm trying to fix is the PDC and not the one I've kept shut
off:-)))
Thanks again.
Regards,
Al
"Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
wrote in message news:OLgqR13HGHA.2320@xxxxxxxxxxxxxxxxxxxxxxx
> Hi Al,
>
> Inline ....
>
> --
> Les Connor [SBS Community Member - SBS MVP]
> -----------------------------------------------------------
> SBS Rocks !
> ----------------------
> "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
> understand." - Confucius
>
>
> "Al Christoph" <ac2@xxxxxxx> wrote in message
> news:OiZyol2HGHA.528@xxxxxxxxxxxxxxxxxxxxxxx
> > I'm not exactly sure how I got into the kettle of fish that I'm in
sooooo
> > .... I mention several of the worst symptoms.
> > I'm not adverse to rebuilding the system provided that I can capture the
> > user id's and transfer them to the new system AND capture the POP3
> > settings on my Exchange Server. (The password it uses to get the email
> > from the ISP is absolutely archaic, and I have no particularly easy way
to
> > recover it:-(
> >
> > 1. The most embarassing is that when I have a second server - configured
> > as Windows Server 2003 Enterprise Edition - turned on, the SBS system
> > gives me a series of complaints about another SBS system being present
on
> > the network, then EULA violation warnings, and then shuts itself off!!!!
> > The source of these errors is SBCore and the ultimate ID # is 1001.
(There
> > are a series of timed warnings before it shuts down.)
>
> Can you give us some history on this member server - was it clean
installed,
> or upgraded? Has SBS media (2k or 2k3) been used anywhere else on your
> network, ever, besides on the present SBS server?
>
> Is this member server joined to the SBS domain? If so, can you elaborate
on
> the steps you took to join it?
>
> >
> > 2. When I try to add a computer or a server, it goes through the motions
> > and then says that I need to be an SBS admin or Power user to do it. Two
> > errors from SAM are generated ID's 16650 and 16651.
>
> By add a computer, exactly what do you mean? Are you adding an account via
> the SBS server management console, using the Add Computer Wizard, or
> <something else>. If using Add Computer Wizard - what user account are you
> logged onto the server with, and what are it's security group memberships?
>
> >
> > 3. This is the scariest one - Application / Userenv / id 1054 "Windows
> > cannot obtain the domain controller name for your computer network ..."
>
> Please post the output of 'ipconfig /all' run from the SBS server, a
> workstation, and optionally your member server.
>
> >
> > There are bunches of others too, but these strike me as the ones that
> > might lead me out of the mess I'm in.
>
> You should post all of the errors - you can use the copy function once you
> open the error, and past them into a reply.
>
> >
> > Suggestions please.
> >
> > Thanks.
> >
> > Regards,
> > Al
> > Who at this point would really like to save what he needs off this SBS
box
> > and move SBS to the box that now has Enterprise server on it. Then he
> > would turn the current SBS box into a 64 BIT Windows XP box since that
is
> > what the hardware is.
> >
>
>
.
- References:
- Thoroughly confused SBS 2003 Server
- From: Al Christoph
- Re: Thoroughly confused SBS 2003 Server
- From: Les Connor [SBS Community Member - SBS MVP]
- Thoroughly confused SBS 2003 Server
- Prev by Date: Re: DHCP server and netgear router problems
- Next by Date: Re: DHCP server and netgear router problems
- Previous by thread: Re: Thoroughly confused SBS 2003 Server
- Next by thread: Re: Thoroughly confused SBS 2003 Server
- Index(es):
Relevant Pages
|
